diff --git a/.vitepress/config/cn.ts b/.vitepress/config/cn.ts index a62ff9d..55b05e7 100644 --- a/.vitepress/config/cn.ts +++ b/.vitepress/config/cn.ts @@ -13,14 +13,16 @@ export const cn = defineConfig({ items: [ { text: '功能简介', link: '/guide/introduction' }, { text: '下载', link: '/guide/download' }, - { text: '安装', link: '/guide/installation' }, + { text: '安装 CLI', link: '/guide/installation' }, + { text: '安装 GUI', link: '/guide/installation_gui' }, + { text: '常见问题', link: '/guide/faq' }, ], }, { text: '命令行工具组网', link: '/guide/networking', items: [ - { text: '快速组网', link: '/guide/network/fast-networking' }, + { text: '快速组网', link: '/guide/network/quick-networking' }, { text: '去中心组网', link: '/guide/network/decentralized-networking' }, { text: '使用 Web 控制台组网', link: '/guide/network/web-console' }, { text: '使用 WireGuard 客户端接入', link: '/guide/network/use-easytier-with-wireguard-client' }, @@ -32,8 +34,10 @@ export const cn = defineConfig({ { text: 'SOCKS5', link: '/guide/network/socks5' }, { text: '搭建共享节点', link: '/guide/network/host-public-server' }, { text: '改善 P2P', link: '/guide/network/p2p-optimize' }, + { text: '魔法 DNS', link: '/guide/network/magic-dns' }, ] }, { text: '开机自启(注册服务)', collapsed: true, items: [ + { text: '一键安装服务', link: '/guide/network/oneclick-install-as-service' }, { text: '安装为 Windows 服务', link: '/guide/network/install-as-a-windows-service' }, { text: '安装为 Linux systemd 服务', link: '/guide/network/install-as-a-systemd-service' }, { text: '安装为 macOS 服务', link: '/guide/network/install-as-a-macos-service' }, diff --git a/.vitepress/config/en.ts b/.vitepress/config/en.ts index f7ecd65..47ace56 100644 --- a/.vitepress/config/en.ts +++ b/.vitepress/config/en.ts @@ -13,26 +13,31 @@ export const en = defineConfig({ items: [ { text: 'Introduction', link: '/en/guide/introduction' }, { text: 'Download', link: '/en/guide/download' }, - { text: 'Installation', link: '/en/guide/installation' }, + { text: 'Installation CLI', link: '/en/guide/installation' }, + { text: 'Installation GUI', link: '/en/guide/installation_gui' }, + { text: 'FAQ', link: '/en/guide/faq' }, ], }, { text: 'Command Line Networking', link: '/en/guide/networking', items: [ - { text: 'Quick Networking', link: '/en/guide/network/fast-networking' }, + { text: 'Quick Networking', link: '/en/guide/network/quick-networking' }, { text: 'Decentralized Networking', link: '/en/guide/network/decentralized-networking' }, { text: 'Networking with Web Console', link: '/en/guide/network/web-console' }, { text: 'Using WireGuard Client', link: '/en/guide/network/use-easytier-with-wireguard-client' }, { text: 'Subnet Proxy (Point-to-Network)', link: '/en/guide/network/point-to-networking' }, + { text: 'Bandwidth and Latency Optimization (KCP Proxy)', link: '/en/guide/network/kcp-proxy' }, { text: 'Advanced Features', collapsed: true, items: [ { text: 'Network-to-Network', link: '/en/guide/network/network-to-network' }, { text: 'No TUN Mode (No Root Required)', link: '/en/guide/network/no-root' }, { text: 'SOCKS5', link: '/en/guide/network/socks5' }, { text: 'Hosting Public Server', link: '/en/guide/network/host-public-server' }, { text: 'P2P Optimization', link: '/en/guide/network/p2p-optimize' }, + { text: 'Magic DNS', link: '/en/guide/network/magic-dns' }, ] }, { text: 'Autostart (Register Service)', collapsed: true, items: [ + { text: 'One-Click Install Service', link: '/en/guide/network/oneclick-install-as-service' }, { text: 'Install as Windows Service', link: '/en/guide/network/install-as-a-windows-service' }, { text: 'Install as Linux systemd Service', link: '/en/guide/network/install-as-a-systemd-service' }, { text: 'Install as macOS Service', link: '/en/guide/network/install-as-a-macos-service' }, diff --git a/assets/AstralET1.png b/assets/AstralET1.png index 209d620..d7e5433 100644 Binary files a/assets/AstralET1.png and b/assets/AstralET1.png differ diff --git a/assets/AstralET2.png b/assets/AstralET2.png index fc032c6..b9112fc 100644 Binary files a/assets/AstralET2.png and b/assets/AstralET2.png differ diff --git a/assets/AstralET3.png b/assets/AstralET3.png index 50a2966..a1c1aec 100644 Binary files a/assets/AstralET3.png and b/assets/AstralET3.png differ diff --git a/assets/AstralET4.png b/assets/AstralET4.png index f44b3ac..afcf922 100644 Binary files a/assets/AstralET4.png and b/assets/AstralET4.png differ diff --git a/assets/AstralET5.png b/assets/AstralET5.png index 4d86813..75a8843 100644 Binary files a/assets/AstralET5.png and b/assets/AstralET5.png differ diff --git a/assets/alipay.png b/assets/alipay.png new file mode 100644 index 0000000..3661eb5 Binary files /dev/null and b/assets/alipay.png differ diff --git a/assets/cn/config.png b/assets/cn/config.png index c205a3b..fce029f 100644 Binary files a/assets/cn/config.png and b/assets/cn/config.png differ diff --git a/assets/cn/manual.png b/assets/cn/manual.png index c491061..2901795 100644 Binary files a/assets/cn/manual.png and b/assets/cn/manual.png differ diff --git a/assets/cn/portal.png b/assets/cn/portal.png index 508e792..ab77318 100644 Binary files a/assets/cn/portal.png and b/assets/cn/portal.png differ diff --git a/assets/cn/portal_config.png b/assets/cn/portal_config.png index bf97e60..08208e0 100644 Binary files a/assets/cn/portal_config.png and b/assets/cn/portal_config.png differ diff --git a/assets/cn/running.png b/assets/cn/running.png index 658e80a..09e7f91 100644 Binary files a/assets/cn/running.png and b/assets/cn/running.png differ diff --git a/assets/cn/subnet-mapping.png b/assets/cn/subnet-mapping.png new file mode 100644 index 0000000..0969590 Binary files /dev/null and b/assets/cn/subnet-mapping.png differ diff --git a/assets/cn/subnet.png b/assets/cn/subnet.png index 37eca67..08e3022 100644 Binary files a/assets/cn/subnet.png and b/assets/cn/subnet.png differ diff --git a/assets/easytier.png b/assets/easytier.png index 13bab39..26c6d8f 100644 Binary files a/assets/easytier.png and b/assets/easytier.png differ diff --git a/assets/game-step1.png b/assets/game-step1.png index 76bad72..8269025 100644 Binary files a/assets/game-step1.png and b/assets/game-step1.png differ diff --git a/assets/game-step2.png b/assets/game-step2.png index e62983c..2de2548 100644 Binary files a/assets/game-step2.png and b/assets/game-step2.png differ diff --git a/assets/game-step3.png b/assets/game-step3.png index 8af3802..e4eba54 100644 Binary files a/assets/game-step3.png and b/assets/game-step3.png differ diff --git a/assets/game-step4.png b/assets/game-step4.png index e18a42a..ecb4116 100644 Binary files a/assets/game-step4.png and b/assets/game-step4.png differ diff --git a/assets/game-step5.png b/assets/game-step5.png index 151c3eb..2ef374f 100644 Binary files a/assets/game-step5.png and b/assets/game-step5.png differ diff --git a/assets/game-step6.png b/assets/game-step6.png index 7582878..7bd0f05 100644 Binary files a/assets/game-step6.png and b/assets/game-step6.png differ diff --git a/assets/gui-screenshot.png b/assets/gui-screenshot.png new file mode 100644 index 0000000..8870aa9 Binary files /dev/null and b/assets/gui-screenshot.png differ diff --git a/assets/image-4.png b/assets/image-4.png index e95881e..cf1e990 100644 Binary files a/assets/image-4.png and b/assets/image-4.png differ diff --git a/assets/image-5.png b/assets/image-5.png index d75d9f0..240e8bb 100644 Binary files a/assets/image-5.png and b/assets/image-5.png differ diff --git a/assets/image-6.png b/assets/image-6.png deleted file mode 100644 index e9529fa..0000000 Binary files a/assets/image-6.png and /dev/null differ diff --git a/assets/image-7.png b/assets/image-7.png deleted file mode 100644 index da8334a..0000000 Binary files a/assets/image-7.png and /dev/null differ diff --git a/assets/manage-step1.png b/assets/manage-step1.png index f6ce112..fbfade9 100644 Binary files a/assets/manage-step1.png and b/assets/manage-step1.png differ diff --git a/assets/manage-step2.png b/assets/manage-step2.png index 4134e0b..467a426 100644 Binary files a/assets/manage-step2.png and b/assets/manage-step2.png differ diff --git a/assets/manage-step3.png b/assets/manage-step3.png index f31e567..12acddd 100644 Binary files a/assets/manage-step3.png and b/assets/manage-step3.png differ diff --git a/assets/manage-step4.png b/assets/manage-step4.png index 1b813b9..600e81f 100644 Binary files a/assets/manage-step4.png and b/assets/manage-step4.png differ diff --git a/assets/manage-step5.png b/assets/manage-step5.png index 60919d9..e8472c8 100644 Binary files a/assets/manage-step5.png and b/assets/manage-step5.png differ diff --git a/assets/manage-step6.png b/assets/manage-step6.png index 5c95e79..bb52653 100644 Binary files a/assets/manage-step6.png and b/assets/manage-step6.png differ diff --git a/assets/manage-step7.png b/assets/manage-step7.png index 1b7f8e3..52fb36b 100644 Binary files a/assets/manage-step7.png and b/assets/manage-step7.png differ diff --git a/assets/manage-step8.png b/assets/manage-step8.png index 32e8ef7..e7a6061 100644 Binary files a/assets/manage-step8.png and b/assets/manage-step8.png differ diff --git a/assets/manage-step9.png b/assets/manage-step9.png index 222599f..0269f6e 100644 Binary files a/assets/manage-step9.png and b/assets/manage-step9.png differ diff --git a/assets/web-device-config.png b/assets/web-device-config.png index 23c022f..ce5b4cc 100644 Binary files a/assets/web-device-config.png and b/assets/web-device-config.png differ diff --git a/assets/web-device-list.png b/assets/web-device-list.png index b6e08e9..8abbeee 100644 Binary files a/assets/web-device-list.png and b/assets/web-device-list.png differ diff --git a/assets/web-device-run-network.png b/assets/web-device-run-network.png index 4a736cf..7ce5c4f 100644 Binary files a/assets/web-device-run-network.png and b/assets/web-device-run-network.png differ diff --git a/assets/web-homepage.png b/assets/web-homepage.png index a277017..e8626b3 100644 Binary files a/assets/web-homepage.png and b/assets/web-homepage.png differ diff --git a/assets/wechat.png b/assets/wechat.png new file mode 100644 index 0000000..9183f1e Binary files /dev/null and b/assets/wechat.png differ diff --git a/assets/weixin.png b/assets/weixin.png deleted file mode 100644 index 3fb22c6..0000000 Binary files a/assets/weixin.png and /dev/null differ diff --git a/assets/win-service.png b/assets/win-service.png index b9ea6d1..c1d45a2 100644 Binary files a/assets/win-service.png and b/assets/win-service.png differ diff --git a/assets/zhifubao.png b/assets/zhifubao.png deleted file mode 100644 index c34c408..0000000 Binary files a/assets/zhifubao.png and /dev/null differ diff --git a/en/guide/download.md b/en/guide/download.md index ab87cf8..798a950 100644 --- a/en/guide/download.md +++ b/en/guide/download.md @@ -37,7 +37,7 @@ const packages = ref([ cli_pkg_tmpl: { "zip": 'https://github.com/EasyTier/EasyTier/releases/download/v{}/easytier-windows-x86_64-v{}.zip' }, - comment: "Support Windows 8 and above, Windows 7 only supports EasyTier v2.1.2 and below." + comment: "Windows 7 needs to be SP1 and above, and you need to install the two patches KB3063858 and KB4474419, and disable QUIC input." }, { os: "Windows", @@ -49,17 +49,6 @@ const packages = ref([ "zip": 'https://github.com/EasyTier/EasyTier/releases/download/v{}/easytier-windows-arm64-v{}.zip' }, }, - { - os: 'Windows 7', - arch: 'x86_64', - gui_pkg_tmpl: { - "exe": 'https://github.com/EasyTier/EasyTier/releases/download/v2.1.2/easytier-gui_2.1.2_x64-setup.exe' - }, - cli_pkg_tmpl: { - "zip": 'https://github.com/EasyTier/EasyTier/releases/download/v2.1.2/easytier-windows-x86_64-v2.1.2.zip' - }, - comment: "Windows 7 needs to be SP1 and above, and you need to install the two patches KB3063858 and KB4474419. This version is EasyTier v2.1.2." - }, { os: "Linux", arch: "x86_64", @@ -113,6 +102,14 @@ const packages = ref([ cli_pkg_tmpl: {}, comment: "If you encounter abnormal display issues, please try upgrading WebView" }, + { + os: "Android Magisk Module", + arch: "aarch64", + gui_pkg_tmpl: {}, + cli_pkg_tmpl: { + "zip": 'https://github.com/EasyTier/EasyTier/releases/download/v{}/Easytier-Magisk-v{}.zip' + }, + }, { os: "FreeBSD 13.2", arch: "x86_64", @@ -144,11 +141,12 @@ function renderUrlTmpl(url_tmpl: string): string { You can directly go to the [GitHub Release page](https://github.com/EasyTier/EasyTier/releases) to view the download links for all versions, or use the table below to find the version that suits you. -The command line program package includes three executables: +The command line program package includes four executables: - `easytier-core`: The core program of EasyTier - `easytier-cli`: EasyTier management program, after starting easytier-core, you can use easytier-cli to view virtual network information - `easytier-web`: Used for self-hosting the EasyTier Web console backend, generally no need to self-host, you can use the official Web console +- `easytier-web-embed`: Same functionality as `easytier-web`, but includes the Web frontend. ## EasyTier v{{ version }} { #latest } diff --git a/en/guide/faq.md b/en/guide/faq.md new file mode 100644 index 0000000..d84a111 --- /dev/null +++ b/en/guide/faq.md @@ -0,0 +1,39 @@ +# Frequently Asked Questions {#faq} + +--- + +**Q: Windows 7 cannot create a network, the program crashes or reports an error saying it cannot create a virtual network?** + +**A:** Windows 7 requires SP1 or later versions, and the following patches must be installed: +- [KB3063858](https://www.microsoft.com/en-us/download/details.aspx?id=47409) +- [KB4474419](https://www.catalog.update.microsoft.com/search.aspx?q=KB4474419) + +--- + +**Q: The Linux command-line help is in English, how can I switch to Chinese?** + +**A:** Set the environment variable `LANG=zh_CN`. Use the following command: + +```bash +export LANG=zh_CN +``` + +--- + +**Q: What should I do if TunError is displayed after startup?** + +**A:** Please ensure that the TUN driver is correctly loaded and the `/dev/net/tun` file exists. If running in Docker, ensure privileged mode is enabled. The command to load the TUN driver on Linux is as follows: + +```bash +modprobe tun +mkdir -p /dev/net +sudo mknod /dev/net/tun c 10 200 +``` + +--- + +**Q: What should I do if the error `Address already in use` is reported after startup?** + +**A:** This may be due to port conflicts. Please check whether port 11010 or the port specified by the startup parameter (e.g., `-l tcp:12345`) is occupied by other programs. + +--- diff --git a/en/guide/gui/basic.md b/en/guide/gui/basic.md index 761b0ff..f437ea5 100644 --- a/en/guide/gui/basic.md +++ b/en/guide/gui/basic.md @@ -1,6 +1,6 @@ # Public Server Networking -Currently, a small bandwidth public server is provided to facilitate networking for friends without a public server. In most cases, P2P tunneling can be successful. If P2P tunneling fails, the bandwidth between nodes may be relatively low. +The GUI defaults to using official shared nodes for networking, which is convenient for friends without public IPs. In most cases, P2P tunneling can be successful. If P2P tunneling fails, the bandwidth between nodes may be relatively low. The configuration method is shown in the figure. diff --git a/en/guide/gui/easytier-game.md b/en/guide/gui/easytier-game.md index d92a461..33c4634 100644 --- a/en/guide/gui/easytier-game.md +++ b/en/guide/gui/easytier-game.md @@ -2,21 +2,19 @@ ## Introduction -EasyTierGame is a game launcher developed with `nuxt3`, `typescript`, `rust`, and `tauri`. -It features a simple interface and includes the latest EasyTier core, providing a comfortable experience both psychologically and practically when playing online. It also supports custom configuration file launches to meet various needs. +EasyTier Game Launcher is developed with `nuxt3`, `typescript`, `rust`, and `tauri`. It has a simple interface and comes with the latest EasyTier core. When playing multiplayer games, it provides the most comfortable experience both psychologically and practically. It also supports custom configuration file startup to meet various needs. ## Download -Github -Releases: [https://github.com/EasyTier/EasytierGame/releases](https://github.com/EasyTier/EasytierGame/releases) +GitHub Releases: [https://github.com/EasyTier/EasytierGame/releases](https://github.com/EasyTier/EasytierGame/releases) -- Only a green zip package is available. I personally dislike installers that write to the registry. Just extract and use, keeping the directory clean and tidy. +- Only green zip packages are available. Personally, I don't like installers that write to the registry. Just extract and use, keeping the directory clean and tidy. ![game-step1](/assets/game-step1.png) ## Tutorial -- For the first use, enter a "hostname" and click to start the game. You can later create your own server or use servers provided by community members. +- For the first use, enter a "hostname" and click to start the connection. Later, you can create your own server or use servers provided by kind community members. ![game-step2](/assets/game-step2.png) ![game-step3](/assets/game-step3.png) @@ -24,7 +22,7 @@ Releases: [https://github.com/EasyTier/EasytierGame/releases](https://github.com - There are some special configurations in the advanced options that you can choose from. ![game-step4](/assets/game-step4.png) -- If your needs are still not met, you can use a configuration file to start the game. For details on how to configure, refer to the documentation [Configuration File](/guide/network/config-file.html). +- If your needs are still not met, you can use a configuration file to start. For details on how to configure, refer to the documentation [Configuration File](/guide/network/config-file.html). ![game-step5](/assets/game-step5.png) - After upgrading the EasyTier core, you can click the update plugin button to update. However, you need to use a VPN. If you cannot update, you can get the update from the community. @@ -32,12 +30,12 @@ Releases: [https://github.com/EasyTier/EasytierGame/releases](https://github.com ## Features -- Developed based on the EasyTier networking tool, with a clear and simple interface. -- Comes with an "update" button. When a new version of the EasyTier networking tool is released, click update to get it (requires a VPN). -- For the first use, enter a "hostname" and click to start the game. You can later create your own server or use servers provided by community members. -- Simple configuration with advanced features, also supports custom configuration file launches. -- **WinIPBroadcast** is enabled by default, so you no longer have to worry about not finding rooms when playing online (e.g., Borderlands 3). -- Tested and stable for online play with **Elden Ring**, **Borderlands 3**, **Deep Rock Galactic**, **Monster Hunter: World**, and more. +- Developed based on the EasyTier networking tool with a clear and simple interface. +- Built-in "Update" button. When the EasyTier networking tool releases a new version, just click update (requires VPN). +- For the first use, enter a "hostname" and click to start the connection. Later, you can create your own server or use community servers. +- Simple configuration with advanced features, also supports custom configuration file startup. +- **WinIPBroadcast** is enabled by default, no longer afraid of not finding rooms when connecting (e.g., Borderlands 3). +- Tested with **Elden Ring learning version**, **Borderlands 3**, **Deep Rock Galactic**, **Monster Hunter World**, etc., all can be played stably. ## System Support diff --git a/en/guide/gui/easytier-manager.md b/en/guide/gui/easytier-manager.md index fc298bd..4675102 100644 --- a/en/guide/gui/easytier-manager.md +++ b/en/guide/gui/easytier-manager.md @@ -2,28 +2,27 @@ ## Download -Github -Releases: [https://github.com/xlc520/easytier-manager/releases](https://github.com/xlc520/easytier-manager/releases) +GitHub Releases: [https://github.com/xlc520/easytier-manager/releases](https://github.com/xlc520/easytier-manager/releases) #### Package Descriptions -- `exe`: Installer, needs to be installed before use -- `zip`: No installation required, just unzip to use +- `exe`: Installer, must be installed before use +- `zip`: Portable, extract and use directly - `easytier-manager-win_2.0.0.exe`: Universal installer for 64-bit and 32-bit Windows systems -- `easytier-manager-win-x64_2.0.0.exe`: Installer for 64-bit Windows systems -- `easytier-manager-win-ia32_2.0.0.exe`: Installer for 32-bit Windows systems -- `easytier-manager-win7-x64_2.0.0.exe`: Installer for 64-bit Windows 7 systems -- `tar.gz` `deb` `rpm` `AppImage`: For use on Linux systems (untested) +- `easytier-manager-win-x64_2.0.0.exe`: 64-bit Windows system installer +- `easytier-manager-win-ia32_2.0.0.exe`: 32-bit Windows system installer +- `easytier-manager-win7-x64_2.0.0.exe`: 64-bit Windows 7 system installer +- `tar.gz` `deb` `rpm` `AppImage`: For Linux systems (not yet tested) ## Tutorial -- **1. [Important] On the settings page, check if the kernel exists. If not, download and install the kernel, then check again** (only needed for the first use, subsequent uses can run directly if the kernel exists) +- **1. [Important] Settings page: Check if the kernel exists, if not, download the kernel, then install it, and check again if the kernel exists** (only needed for first use, subsequent confirmations can run directly) ![manage-step1](/assets/manage-step1.png) ![manage-step2](/assets/manage-step2.png) -- 2. On the configuration page, create a new network configuration, either by editing the code directly or by filling out a form +- 2. Configuration page: Create new network configurations, providing both direct code editing and form filling methods ![manage-step3](/assets/manage-step3.png) @@ -33,13 +32,13 @@ Releases: [https://github.com/xlc520/easytier-manager/releases](https://github.c ![manage-step6](/assets/manage-step6.png) -- 3. On the workspace (home page), run the specified configuration +- 3. Workspace (home page): Run specified configurations ![manage-step7](/assets/manage-step7.png) -- 4. [Optional] After the network is successfully configured, you can exit the manager if there are no connection issues. The core program will run in the background (right-click the tray icon and select `exit`) +- 4. [Optional] After successful networking, if the connection is fine, you can exit the manager. The core program will run in the background (right-click the tray icon to "Exit") -- 5. [Optional] On the configuration page, install the specified configuration as a system service +- 5. [Optional] On the configuration page, install specified configurations as system services ![manage-step8](/assets/manage-step8.png) @@ -47,28 +46,28 @@ Releases: [https://github.com/xlc520/easytier-manager/releases](https://github.c ## Introduction -EasyTier Manager integrates Vue3 + Vite5 + Electron33 + Element-Plus. It is a free and open-source network management tool based on `element-plus`. It is developed using the latest technologies such as `vue3`, `vite5`, and `TypeScript`. +EasyTier Manager integrates Vue3 + Vite5 + Electron33 + Element-Plus. It is a free and open-source network manager based on `element-plus`. It is developed using the latest mainstream technologies such as `vue3`, `vite5`, `TypeScript`, etc. ## Features -- **Memory Usage**: After the network is successfully configured, you can exit the manager without affecting the network, so it won't occupy memory or cause memory leaks -- **Multiple Configurations**: Supports running and managing multiple network configurations -- **System Service Installation**: One-click installation as a system service with automatic startup on boot -- **Visual Configuration**: Provides a form for visual network configuration, making it simple and convenient -- **Visual Log Viewing**: View logs of the current network configuration on the home page -- **One-Click Download and Install**: One-click download and install of the kernel with built-in accelerated sources, no manual download required -- **Latest Tech Stack**: Developed using cutting-edge technologies like Electron33/Vue3/vite5 -- **TypeScript**: A language for application-scale JavaScript +- **Memory Usage**: After successful networking, you can directly exit the manager without affecting the network, so it won't occupy memory or cause memory leaks due to various issues +- **Multi-Configuration Startup**: Supports running and managing multiple network configurations +- **System Service Installation**: One-click installation as a system service with visual interface, auto-start on boot +- **Visual Configuration Addition**: Provides form-based visual addition of network configurations, simple and convenient +- **Visual Log Viewing**: View logs of current network configurations on the home page +- **One-Click Download and Install**: One-click download and installation of the kernel with built-in accelerated sources, no manual download required +- **Latest Tech Stack**: Developed using cutting-edge frontend technologies like Electron33/Vue3/vite5 +- **TypeScript**: Application-level JavaScript language - **Internationalization**: Built-in comprehensive internationalization solution ## Bug Reports & Suggestions -> The project is stable and may not have new features developed, only bug fixes +> Tending towards stability, may not develop new features, only fix vulnerabilities and such -Check [TODO](https://github.com/xlc520/easytier-manager/blob/master/TODO.md) to see if there are existing records to avoid duplication +You can check [TODO](https://github.com/xlc520/easytier-manager/blob/master/TODO.md) to see if it's already recorded to avoid duplication -[BUG Report | Feature Suggestion](https://github.com/xlc520/easytier-manager/issues/new/choose) +[Submit Bug | Feature Request](https://github.com/xlc520/easytier-manager/issues/new/choose) ## System Support -Theoretically supports Windows 11, Windows 10, Windows 7 +Theoretically supports Windows 11, Windows 10, and Windows 7. diff --git a/en/guide/gui/manual.md b/en/guide/gui/manual.md index 3e749da..d32f561 100644 --- a/en/guide/gui/manual.md +++ b/en/guide/gui/manual.md @@ -1,6 +1,7 @@ -# 手动组网 +# Manual Networking -EasyTier 不区分客户端服务端,且完全去中心化,新增节点只需与虚拟网络中的任意节点建链即可加入组网。配置方法如下图所示。 +EasyTier does not distinguish between client and server, and is completely decentralized. New nodes only need to establish a connection with any node in the virtual network to join the network. The configuration method is shown in the figure below. -![手动组网](/assets/cn/manual.png) +![Manual Networking](/assets/cn/manual.png) +Note: After entering the node IP, you need to click on the list item to confirm. After confirmation, the node address will be displayed in card format. diff --git a/en/guide/gui/subnet_proxy.md b/en/guide/gui/subnet_proxy.md index d0d7c4e..a635ddd 100644 --- a/en/guide/gui/subnet_proxy.md +++ b/en/guide/gui/subnet_proxy.md @@ -5,3 +5,9 @@ By setting up a subnet proxy, you can connect the local area network and the vir Assuming the devices at home are in the 192.168.1.0/24 subnet, and you want to access any device at home from the company, you can start an EasyTier node at home and add a subnet proxy for 192.168.1.0/24. No additional configuration is needed on the company's devices; simply connect to the home node successfully, and you can access any device at home. ![Subnet Proxy Configuration](/assets/cn/subnet.png) + +Note: After entering the subnet, you need to click on the list item to confirm. After successful confirmation, the subnet will be displayed in card format. + +Subnet proxy can perform subnet mapping. + +![Subnet Proxy Configuration](/assets/cn/subnet-mapping.png) diff --git a/en/guide/installation.md b/en/guide/installation.md index e1eddf3..819760c 100644 --- a/en/guide/installation.md +++ b/en/guide/installation.md @@ -1,32 +1,52 @@ -# Installation {#installation} +# Installation (Command Line Program) {#installation} + +This section only introduces installation methods. Please read the [Quick Networking](/en/guide/network/quick-networking) documentation to understand parameter meanings and usage methods. ## Installation Methods -1. **Download Precompiled Binaries (Recommended)** +1. **Manual Download of Command Line Program** - Visit the [⬇️Download Page](./download) to download the binaries or installation packages for your operating system. + Visit the [⬇️Download Page](./download) to download the EasyTier command line program suitable for your operating system and hardware architecture. After downloading, it's a ZIP compressed package that can be used directly after extraction. -2. **Install via crates.io** + ::: code-group - ```sh [cargo] - cargo install easytier + ```bash [Linux / MacOS / FreeBSD] + ./easytier-core --version + ``` + + ```powershell [Windows] + .\easytier-core.exe --version ``` -3. **DockerHub** + ::: + + *** + +2. **DockerHub** - [DockerHub Image](https://hub.docker.com/layers/easytier/easytier) + [DockerHub Image Address](https://hub.docker.com/r/easytier/easytier) ```sh [docker] + # docker.io image docker pull easytier/easytier:latest + docker run -d --privileged --network host easytier/easytier:latest + + # Domestic users can use DaoCloud image + docker pull m.daocloud.io/docker.io/easytier/easytier:latest + docker run -d --privileged --network host m.daocloud.io/docker.io/easytier/easytier:latest ``` -4. **Install via Docker Compose** + Please continue reading the [Quick Networking](/en/guide/network/quick-networking) documentation to understand parameter meanings and usage methods. + + *** + +3. **Install via Docker Compose** ::: details docker-compose.yml ```yaml [docker-compose.yml] services: - watchtower: # Used to automatically update the easytier image, delete this part if not needed + watchtower: # Used to automatically update easytier image, delete this part if not needed image: containrrr/watchtower container_name: watchtower restart: unless-stopped @@ -37,7 +57,7 @@ - /var/run/docker.sock:/var/run/docker.sock command: --interval 3600 --cleanup --label-enable easytier: - image: easytier/easytier:latest + image: easytier/easytier:latest # Domestic users can use m.daocloud.io/docker.io/easytier/easytier:latest hostname: easytier container_name: easytier labels: @@ -52,53 +72,39 @@ devices: - /dev/net/tun:/dev/net/tun volumes: - - /etc/machine-id:/etc/machine-id:ro # Pass the host's machine id into container - /etc/easytier:/root - command: -i --network-name --network-secret -p tcp://:11010 + - /etc/machine-id:/etc/machine-id:ro # Map host machine code + command: -d --network-name --network-secret -p tcp://public.easytier.cn:11010 ``` ::: -5. **One-Click Installation Script (Linux Only)** + *** - ```bash - wget -O /tmp/easytier.sh "https://raw.githubusercontent.com/EasyTier/EasyTier/main/script/install.sh" && bash /tmp/easytier.sh install - ``` +4. **One-Click Installation Script (Linux Only)** -6. **Install from Source** + Note: The one-click script depends on `unzip`, please download and install it in advance. - ```sh [cargo] - cargo install --git https://github.com/EasyTier/EasyTier.git easytier + ```bash + wget -O /tmp/easytier.sh "https://raw.githubusercontent.com/EasyTier/EasyTier/main/script/install.sh" && sudo bash /tmp/easytier.sh install --gh-proxy https://ghfast.top/ ``` -## Third-Party Tools - -- [EasyTier Game (Windows)](/guide/gui/easytier-game) -- [EasyTier Manager (Windows)](/guide/gui/easytier-manager) -- [luci-app-easytier (OpenWrt)](https://github.com/EasyTier/luci-app-easytier) - -## FAQ {#faq} - -### Question 1 - -Q: Unable to create a network on Windows 7, the program crashes or reports an error that it cannot create a virtual network. + After the script executes successfully, EasyTier's binary programs will be installed in the `/opt/easytier` directory, and the configuration file is located at `/opt/easytier/config/default.conf`. -A: Windows 7 requires SP1 or above, and the installation of [KB3063858](https://www.microsoft.com/en-us/download/details.aspx?id=47409) and [KB4474419](https://www.catalog.update.microsoft.com/search.aspx?q=KB4474419) patches. + The configuration file can be generated through the [Configuration File Generator](https://easytier.cn/web/index.html#/config_generator). -### Question 2 + EasyTier will be registered as a system service and can be managed with the following commands: -Q: The Linux command line help is in English, how to change it to Chinese? - -A: You need to set the environment variable LANG=zh_CN, command: `export LANG=zh_CN` + ```bash + systemctl start easytier@default + ``` -### Question 3 + *** -Q: TunError is prompted after startup. +5. **Install from Source** -A: Ensure that the TUN driver is correctly loaded and the `/dev/net/tun` file exists. If using Docker, make sure to enable privileged mode. The method to load the Linux TUN driver is: + ```sh [cargo] + cargo install --git https://github.com/EasyTier/EasyTier.git easytier + ``` -```bash -modprobe tun -mkdir /dev/net -sudo mknod /dev/net/tun c 10 200 -``` + Source installation requires Rust environment and LLVM installation. diff --git a/en/guide/installation_gui.md b/en/guide/installation_gui.md new file mode 100644 index 0000000..2f1a745 --- /dev/null +++ b/en/guide/installation_gui.md @@ -0,0 +1,42 @@ +# Installation (Graphical Interface) {#installation_gui} + +## EasyTier GUI + +Visit the [⬇️ Download Page](./download) to download the graphical interface program suitable for your operating system and hardware architecture, and install it directly. + +After successful installation, you can refer to the [Public Server Group Network](/guide/gui/basic) documentation to understand how to use the graphical interface tools. + +Please note that EasyTier GUI relies on WebView, and the following common issues may occur: + +1. On lower versions of Windows, WebView download may fail due to domestic network environment issues, making it impossible to download WebView components. Please manually install [WebView2](https://developer.microsoft.com/en-US/microsoft-edge/webview2/) or [Edge](https://www.microsoft.com/en-us/edge) browser. + +2. On lower versions of Android, styles may be lost, and display may be chaotic. Please manually update the WebView component in the app store. + +## Third-party Graphical Interfaces + +### [EasyTier Game (Windows)](/guide/gui/easytier-game) + +EasyTierGame is a game networking launcher developed using nuxt3, typescript, rust, and tauri. It features a simple interface and includes the latest version of the EasyTier core. When playing games, it provides the most comfortable experience both psychologically and in usage, while supporting custom configuration file launches to meet various needs. + +--- + +### [EasyTier Manager (Windows)](/guide/gui/easytier-manager) + +EasyTier Manager is a desktop application used to manage the EasyTier core. It provides visualized operations for adding, modifying, and deleting EasyTier configuration files. + +- Supports one-click start and stop of group networks through the interface. +- Supports modification of all existing core parameters, with all new and modified operations supporting both interface-based forms and text editor operations. +- Supports viewing current running logs through the interface. +- Supports one-click download of any version of the core (Note: Many parameters and features of older versions are not supported). + +--- + +### [Astral Game (Windows / Android / Linux)](/guide/gui/astral_ET) + +Astral is a cross-platform network application based on EasyTier, providing simple and easy-to-use P2P network connections and VPN services. Built with Flutter, its modern interface allows users to easily create and manage virtual networks. + +--- + +### [luci-app-easytier (OpenWrt)](https://github.com/EasyTier/luci-app-easytier) + +EasyTier's OpenWrt plugin provides methods for installing and configuring the EasyTier core on OpenWrt routers. The plugin supports completing the installation, configuration, and management of the EasyTier core within OpenWrt's LuCI interface. Users can conveniently configure the core, view running logs, restart the core, and perform other operations through the LuCI interface. diff --git a/en/guide/introduction.md b/en/guide/introduction.md index 745e4bf..94a65ce 100644 --- a/en/guide/introduction.md +++ b/en/guide/introduction.md @@ -1,23 +1,38 @@ -# Feature Overview +# Introduction -A simple, secure, decentralized SD-WAN solution for remote networking, implemented using Rust and the Tokio framework. +EasyTier is a simple, secure, decentralized tool for intranet penetration and remote networking, suitable for various scenarios such as remote work, remote access, and game acceleration. It requires no public IP and no complex configuration, enabling secure interconnection between devices in different locations with ease. -## Features +The software can be used via command line or graphical interface. It is ready to use after download, with no additional dependencies. -- **Decentralized**: No need to rely on centralized services, nodes are equal and independent. -- **Secure**: Supports encrypted communication using WireGuard, and also supports AES-GCM encryption to protect relay traffic. -- **High Performance**: Zero-copy throughout the entire link, performance comparable to mainstream networking software. -- **Cross-Platform**: Supports MacOS/Linux/Windows/FreeBSD/Android, with future support for IOS. Executable files are statically linked, making deployment simple. -- **Networking without Public IP**: Supports networking using shared public nodes, refer to [Configuration Guide](/guide/network/networking-without-public-ip) -- **NAT Traversal**: Supports UDP-based NAT traversal, enabling stable connections even in complex network environments. -- **Subnet Proxy (Point-to-Network)**: Nodes can expose accessible subnets as proxies to the virtual network, allowing other nodes to access these subnets through the node. -- **Intelligent Routing**: Intelligently selects links based on traffic to reduce latency and increase throughput. -- **TCP Support**: Provides reliable data transmission through concurrent TCP connections when UDP is restricted, optimizing performance. -- **High Availability**: Supports multipath and switches to healthy paths when high packet loss or network errors are detected. -- **IPV6 Support**: Supports networking using IPV6. +- [🛠️ CLI Installation Page](./installation) provides methods for installing the command-line tool. +- [🖥️ GUI Installation Page](./installation_gui) provides methods for installing the graphical interface tool. +- [⬇️ Download Page](./download) provides the latest EasyTier download links. -## GUI +## Applicable Scenarios -![alt text](/assets/image-6.png) +- **Remote Work**: Make computers at the company, home, and remote locations communicate as if they are on the same local network. +- **Remote Access**: Securely access home NAS, servers, or other devices anytime, anywhere. +- **Game Acceleration**: Build a virtual local area network to enjoy multiplayer games. +- **IoT Networking**: Securely interconnect devices distributed across different locations. -![alt text](/assets/image-7.png) +## Core Features + +- **Decentralized**: No reliance on central servers; all nodes are equal and independent, capable of forwarding and networking. +- **Secure Encryption**: Supports WireGuard and AES-GCM encryption to ensure data security. +- **Cross-Platform**: Supports MacOS, Linux, Windows, FreeBSD, Android, and will support iOS in the future. +- **Networking Without Public IP**: Enables networking using shared public nodes, see [Configuration Guide](/guide/network/networking-without-public-ip). +- **NAT Traversal**: Supports UDP NAT traversal for stable connections in complex network environments. +- **Intelligent Routing**: Automatically selects the best link to reduce latency and increase throughput. +- **High Availability**: Supports multipath and automatically switches to healthy links to improve stability. + +## Advanced Features + +- **KCP / QUIC Proxy**: Converts TCP traffic to KCP / QUIC protocol, improving transmission latency and stability in high UDP packet loss environments. +- **Non-Privileged Mode**: Supports running under non-privileged users, avoiding the need for root permissions (only as an accessed endpoint). +- **WireGuard Access**: Supports WireGuard client access to the EasyTier network. + +## Graphical Interface (GUI) + +EasyTier provides a simple and user-friendly graphical interface, suitable for beginners to get started quickly. + +EasyTier GUI Screenshot diff --git a/en/guide/license.md b/en/guide/license.md index c76f105..91b9c35 100644 --- a/en/guide/license.md +++ b/en/guide/license.md @@ -1,3 +1,3 @@ -# 许可证 +# License -EasyTier 基于 [Apache License 2.0](https://github.com/EasyTier/EasyTier/blob/main/LICENSE) 许可发布。 +EasyTier is released under the [LGPL 3.0](https://github.com/EasyTier/EasyTier/blob/main/LICENSE). diff --git a/en/guide/network/config-file.md b/en/guide/network/config-file.md index ad3c05f..85e1609 100644 --- a/en/guide/network/config-file.md +++ b/en/guide/network/config-file.md @@ -1,19 +1,27 @@ # Configuration File -You can specify the configuration file path using the -c parameter. +Supports using the -c parameter to specify the configuration file path. ```sh easytier-core -c ./config.yaml ``` ::: warning Note -Note: The configuration file has a higher priority. When a configuration file is specified at runtime, all other command line parameters except `-c` will be ignored and only the configuration file will take effect. +Note: Parameters in the configuration file can be overridden by command line parameters. For example, if `--hostname abc` is specified in the configuration file, but `--hostname xyz` is used in the command line, then the hostname parameter `xyz` from the command line will be used. ::: Running with parameters can generate a configuration file with the corresponding parameters. The configuration file will be printed in the command line, and you can manually copy and save it as a toml file. Running `easytier-core` directly without parameters will generate the minimal configuration file. +## Multiple Configuration Files Startup + +You can specify multiple configuration files through the `-c` parameter. EasyTier will load multiple configuration files in one process and start multiple virtual networks. + +```sh +easytier-core -c ./config1.yaml -c ./config2.yaml +``` + ## Configuration File Generator The official website provides a configuration file generator, which you can access via Configuration File Generator to generate configuration files. diff --git a/en/guide/network/configurations.md b/en/guide/network/configurations.md index 6a8c39f..95584c3 100644 --- a/en/guide/network/configurations.md +++ b/en/guide/network/configurations.md @@ -4,85 +4,94 @@ You can use `easytier-core --help` to view all configuration options. ## Basic Settings -- **Startup and Version** - - - `-h, --help`: Print help information. - - `-V, --version`: Print version information. - -- **Configuration File** - - - `-c, --config-file `: Path to the configuration file. If this option is set, all other options will be ignored. - -- **Instance Identification** - - `--hostname `: Hostname to identify this device. - - `-m, --instance-name `: Instance name, default is `default`. - -## Network Configuration - -- **Server and Network** - - - `-w, --config-server `: Configuration server address. - - `--network-name `: Network name, default is `default`. - - `--network-secret `: Network secret, default is empty. - -- **IP Configuration** - - `-i, --ipv4 `: IPv4 address of this node, empty means only forwarding packets. - - `-d, --dhcp`: Automatically set IP address, default starts from 10.0.0.1. - - `--dev-name `: Optional TUN interface name. - - `--mtu `: MTU of the TUN device, default is 1380 for non-encrypted, 1360 for encrypted. - -## Connection Management - -- **Listeners and Portals** - - - `-l, --listeners [...]`: Listeners to accept connections. - - `--mapped-listeners [...]`: Specify public addresses for listeners. - - `--no-listener`: Do not listen on any port. - - `--vpn-portal `: Define the URL of the VPN portal. - - `--rpc-portal `: Management RPC portal address, default is 15888. - -- **Nodes and Routing** - - `-p, --peers [...]`: Initial peers to connect to. - - `-e, --external-node `: Use public shared nodes to discover peers. - - `--exit-nodes [...]`: Exit nodes to forward all traffic. - - `--enable-exit-node`: Allow this node to become an exit node. - - `--manual-routes [...]`: Manually assign route CIDR. - - `--relay-network-whitelist [...]`: Only forward traffic for whitelisted networks. - -## Logging and Debugging - -- **Log Level** - - - `--console-log-level `: Console log level. - - `--file-log-level `: File log level. - -- **Log Storage** - - `--file-log-dir `: Directory to store log files. - -## Advanced Features - -- **Performance Optimization** - - - `--latency-first`: Latency first mode. - - `--multi-thread`: Run with multi-threading. - - `--disable-udp-hole-punching`: Disable UDP hole punching. - -- **Security and Privacy** - - - `-u, --disable-encryption`: Disable encryption, default is false. - - `--disable-ipv6`: Do not use IPv6. - - `--compression `: Compression algorithm to use, default is `none`. - -- **Proxy and Forwarding** - - - `--proxy-networks `: Export local networks to other peers. - - `--socks5 `: Enable socks5 server. - - `--ipv6-listener `: IPv6 listener URL. - - `--no-tun`: Do not create TUN device. - - `--use-smoltcp`: Enable smoltcp stack. - - `--bind-device `: Bind socket to physical device. - - `--relay-all-peer-rpc`: Forward all peer RPC packets. - -- **Communication Restrictions** - - `--disable-p2p`: Disable P2P communication. - - `--no-tun`: Do not create TUN device to use subnet proxy to access nodes. +### Configuration Server + +| Parameter | Description | +| --------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `-w, --config-server` | Configuration server address. Allowed formats: | +| | - Full URL: `--config-server udp://127.0.0.1:22020/admin` | +| | - Username only: `--config-server admin`, will use the official server | +| | [env: ET_CONFIG_SERVER=] | +| `--machine-id` | Web configuration server identifies machines through machine id, used for configuration recovery after disconnection and reconnection, must be unique and fixed. Default obtained from system. [env: ET_MACHINE_ID=] | +| `-c, --config-file` | Configuration file path, note: options configured in command line will override options in configuration file [env: ET_CONFIG_FILE=] | + +### Network Settings + +| Parameter | Description | +| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `--network-name` | Network name used to identify this VPN network [env: ET_NETWORK_NAME=] | +| `--network-secret` | Network secret, used to verify that this node belongs to the VPN network [env: ET_NETWORK_SECRET=] | +| `-i, --ipv4` | IPv4 address of this VPN node. If empty, this node will only forward packets and will not create a TUN device [env: ET_IPV4=] | +| `-d, --dhcp` | Automatically determine and set IP address by Easytier, default starts from 10.0.0.1. Warning: When using DHCP, if IP conflicts occur in the network, IP will be automatically changed. [env: ET_DHCP=] | +| `-p, --peers` | Peer nodes to connect to initially [env: ET_PEERS=] | +| `-e, --external-node` | Use public shared nodes to discover peer nodes [env: ET_EXTERNAL_NODE=] | +| `-n, --proxy-networks` | Export local network to other peer nodes in VPN, e.g.: `10.0.0.0/24`. Supports mapping to other CIDR, e.g.: `10.0.0.0/24->192.168.0.0/24` [env: ET_PROXY_NETWORKS=] | + +### RPC Settings + +| Parameter | Description | +| ------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------- | +| `-r, --rpc-portal` | RPC portal address for management. Supports the following formats: | +| | - `0` means random port | +| | - `12345` means listen on localhost:12345 | +| | - `0.0.0.0:12345` means listen on all interfaces:12345 | +| | Default is `0`, first try `15888` | +| | [env: ET_RPC_PORTAL=] | +| `--rpc-portal-whitelist` | RPC portal whitelist, only allow these addresses to access RPC portal, e.g.: `127.0.0.1/32,127.0.0.0/8,::1/128` [env: ET_RPC_PORTAL_WHITELIST=] | + +### Listener Settings + +| Parameter | Description | +| -------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `-l, --listeners` | Listeners for accepting connections, supports the following formats: | +| | - Port number: `<11010>`, means tcp/udp will listen on port 11010, ws/wss will listen on ports 11010 and 11011, wg will listen on port 11011. | +| | - URL: ``, where tcp can be tcp, udp, ring, wg, ws, wss protocols. | +| | - Protocol and port pair: ``, e.g. wg:11011, means use WireGuard protocol to listen on port 11011. | +| | [env: ET_LISTENERS=] | +| `--mapped-listeners` | Manually specify the public address of the listener, other nodes can use this address to connect to this node. E.g.: `tcp://123.123.123.123:11223`, can specify multiple. [env: ET_MAPPED_LISTENERS=] | +| `--no-listener` | Don't listen on any port, only connect to peer nodes [env: ET_NO_LISTENER=] | + +### Other Settings + +| Parameter | Description | +| ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| `--hostname` | Hostname used to identify this device [env: ET_HOSTNAME=] | +| `-m, --instance-name` | Instance name, used to identify this VPN node on the same machine [env: ET_INSTANCE_NAME=] | +| `--vpn-portal` | Define the URL of the VPN portal, allowing other VPN clients to connect. E.g.: `wg://0.0.0.0:11010/10.14.14.0/24` [env: ET_VPN_PORTAL=] | +| `--default-protocol` | Default protocol used when connecting to peer nodes [env: ET_DEFAULT_PROTOCOL=] | +| `-u, --disable-encryption` | Disable encryption for peer node communication, default is false, must be the same as peer nodes [env: ET_DISABLE_ENCRYPTION=] | +| `--multi-thread` | Use multi-threaded runtime, default is single-threaded [env: ET_MULTI_THREAD=] | +| `--disable-ipv6` | Don't use IPv6 [env: ET_DISABLE_IPV6=] | +| `--dev-name` | Optional TUN interface name [env: ET_DEV_NAME=] | +| `--mtu` | MTU of TUN device, default is 1380 when not encrypted, 1360 when encrypted [env: ET_MTU=] | +| `--latency-first` | Latency priority mode, will try to use the lowest latency path to forward traffic, default uses shortest path [env: ET_LATENCY_FIRST=] | +| `--exit-nodes` | Exit nodes for forwarding all traffic, virtual IPv4 addresses, priority determined by list order [env: ET_EXIT_NODES=] | +| `--enable-exit-node` | Allow this node to become an exit node [env: ET_ENABLE_EXIT_NODE=] | +| `--proxy-forward-by-system` | Forward subnet proxy packets through system kernel, disable built-in NAT [env: ET_PROXY_FORWARD_BY_SYSTEM=] | +| `--no-tun` | Don't create TUN device, can use subnet proxy to access nodes [env: ET_NO_TUN=] | +| `--use-smoltcp` | Enable smoltcp stack for subnet proxy and KCP proxy [env: ET_USE_SMOLTCP=] | +| `--manual-routes` | Manually assign route CIDR, will disable subnet proxy and wireguard routes propagated from peer nodes. E.g.: `192.168.0.0/16` [env: ET_MANUAL_ROUTES=] | +| `--relay-network-whitelist` | Only forward traffic from whitelisted networks, supports wildcard strings. Multiple network names can be separated by English spaces. [env: ET_RELAY_NETWORK_WHITELIST=] | +| `--disable-p2p` | Disable P2P communication, only forward packets through nodes specified by `--peers` [env: ET_DISABLE_P2P=] | +| `--disable-udp-hole-punching` | Disable UDP hole punching function [env: ET_DISABLE_UDP_HOLE_PUNCHING=] | +| `--relay-all-peer-rpc` | Forward RPC packets from all peer nodes, even if peer nodes are not in the relay network whitelist. [env: ET_RELAY_ALL_PEER_RPC=] | +| `--socks5` | Enable socks5 server, allowing socks5 clients to access virtual network. Format: ``, e.g.: `1080` [env: ET_SOCKS5=] | +| `--compression` | Compression algorithm to use, supports `none`, `zstd`. Default is `none` [env: ET_COMPRESSION=] | +| `--bind-device` | Bind the connector's socket to a physical device to avoid routing issues. [env: ET_BIND_DEVICE=] | +| `--enable-kcp-proxy` | Use KCP proxy for TCP streams, improving latency and throughput on UDP packet loss networks. [env: ET_ENABLE_KCP_PROXY=] | +| `--disable-kcp-input` | Don't allow other nodes to use KCP proxy TCP streams to this node. [env: ET_DISABLE_KCP_INPUT=] | +| `--enable-quic-proxy` | Use QUIC proxy for TCP streams, improving latency and throughput on UDP packet loss networks. [env: ET_ENABLE_QUIC_PROXY=] | +| `--disable-quic-input` | Don't allow other nodes to use QUIC proxy TCP streams to this node. [env: ET_DISABLE_QUIC_INPUT=] | +| `--port-forward` | Forward local ports to remote ports in virtual network. E.g.: `udp://0.0.0.0:12345/10.126.126.1:23456` [env: ET_PORT_FORWARD=] | +| `--accept-dns` | If true, enable Magic DNS. With Magic DNS, you can use domain names to access other nodes, e.g.: `.et.net` [env: ET_ACCEPT_DNS=] | +| `--private-mode` | If true, don't allow nodes using different network names and passwords from this network to handshake or relay through this node [env: ET_PRIVATE_MODE=] | +| `--foreign-relay-bps-limit` | Limit bandwidth for relayed traffic [env: ET_FOREIGN_RELAY_BPS_LIMIT=] | +| `--console-log-level` | Console log level [env: ET_CONSOLE_LOG_LEVEL=] | +| `--file-log-level` | File log level [env: ET_FILE_LOG_LEVEL=] | +| `--file-log-dir` | Directory to store log files [env: ET_FILE_LOG_DIR=] | + +--- + +For more configuration options, please refer to the output of `easytier-core --help`. + +--- diff --git a/en/guide/network/decentralized-networking.md b/en/guide/network/decentralized-networking.md index 495da78..972ad37 100644 --- a/en/guide/network/decentralized-networking.md +++ b/en/guide/network/decentralized-networking.md @@ -4,71 +4,88 @@ Most networking software is centralized, where all devices must connect to a cen EasyTier is decentralized, with no distinction between server and client. As long as one device can communicate with any node in the virtual network, it can join the virtual network. -## Two-Node Networking +## Two-Node Networking {#two-nodes} Assume the network topology of two nodes is as follows: ```mermaid flowchart LR - -subgraph Node A IP 22.1.1.1 -nodeA[EasyTier
10.144.144.1] +subgraph Node A [Physical NIC IP: 22.1.1.1] + nodeA[EasyTier
Virtual IP: 10.144.144.1] end - -subgraph Node B IP 33.1.1.1 -nodeB[EasyTier
10.144.144.2] +subgraph Node B [Physical NIC IP: 33.1.1.1] + nodeB[EasyTier
Virtual IP: 10.144.144.2] end - nodeA <-----> nodeB - ``` -1. Execute on Node A: +### Steps + +1. Run the following command on Node A: ```sh sudo easytier-core -i 10.144.144.1 ``` -2. Execute on Node B: + - `-i` specifies the virtual network IP address. + + After startup, this node will listen on the following ports by default: + + | Protocol | Default Port | + | ------------- | ------------ | + | TCP | 11010 (TCP) | + | UDP | 11010 (UDP) | + | WebSocket | 11011 (TCP) | + | WebSocket SSL | 11012 (TCP) | + | WireGuard | 11013 (UDP) | + + You can specify listening ports through the `-l` parameter, for example: + + | Parameter Example | Description | + | --------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | + | `-l 12345` | Change the base port to 12345, then listening ports are: TCP: 12345, UDP: 12345, WebSocket: 12346, WebSocket SSL: 12347, WireGuard: 12348 | + | `-l tcp:11010 -l udp:11011` | Change TCP port to 11010, UDP port to 11011, only listen on these two ports. Supported protocols are `tcp`, `udp`, `ws`, `wss`, `wg` | + | `--no-listener` | Disable port listening, which will affect the establishment of non-hole-punching connections. | + +2. Run the following command on Node B: ```sh sudo easytier-core -d -p udp://22.1.1.1:11010 ``` - Here, `-d` represents DHCP mode, and EasyTier will automatically obtain an IP address. + - `-d` represents DHCP mode, automatically assign virtual IP. + - `-p` specifies the public address and port of Node A. ## Three-Node Networking -Based on the previous two-node networking example, the third node C can join the virtual network by connecting to either Node A or Node B. +Based on two-node networking, the third node C can join the virtual network by connecting to Node A or Node B. -Assume it connects to Node A, the network topology is as follows: +Assume networking by connecting to Node A, the network topology is as follows: ```mermaid - flowchart LR - -subgraph Node A IP 22.1.1.1 -nodeA[EasyTier
10.144.144.1] +subgraph Node A [Physical NIC IP: 22.1.1.1] + nodeA[EasyTier
Virtual IP: 10.144.144.1] end - -subgraph Node C -nodeC[EasyTier
10.144.144.3] +subgraph Node C [Newly Added] + nodeC[EasyTier
Virtual IP: 10.144.144.3] end - -subgraph Node B IP 33.1.1.1 -nodeB[EasyTier
10.144.144.2] +subgraph Node B [Physical NIC IP: 33.1.1.1] + nodeB[EasyTier
Virtual IP: 10.144.144.2] end - nodeA <-----> nodeB - nodeC <-----> nodeA - ``` -Execute on Node C: +### Steps -```sh -sudo easytier-core -d -p udp://22.1.1.1:11010 -``` +1. Run the following command on Node C: + + ```sh + sudo easytier-core -d -p udp://22.1.1.1:11010 + ``` + + - `-d` represents DHCP mode, automatically assign virtual IP. + - `-p` specifies the public address and port of Node A. -Then C can communicate with A and B through the virtual network. +Subsequently, Node C can communicate with Node A and Node B through the virtual network. diff --git a/en/guide/network/fast-networking.md b/en/guide/network/fast-networking.md deleted file mode 100644 index 7babb80..0000000 --- a/en/guide/network/fast-networking.md +++ /dev/null @@ -1,178 +0,0 @@ -# Fast Networking - -## Networking with Shared Nodes - -When you don't have a public IP, you can use the free shared nodes provided by the EasyTier community to quickly set up a network. After successfully networking between nodes, NAT traversal will be attempted automatically to establish a P2P connection. Before successful P2P, the shared nodes will help forward data. - -Assume there are two nodes A and B: - -1. Execute on node A (please replace abc with a more complex network name to avoid connection failure due to network name conflict) - - ```sh - sudo easytier-core -i 10.144.144.1 --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 - ``` - - > `-i` specifies the virtual network IP address, default /24 subnet; - > - > `--network-name` and `--network-secret` represent the network name and network secret; - > - > `-p` specifies the node address, here using the official shared node. - -2. Execute on node B - - ```sh - sudo easytier-core -d --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 - ``` - - > `-d` represents DHCP mode, EasyTier will automatically obtain an IP address. - -3. Test connectivity - - The two nodes should successfully connect and be able to communicate within the virtual subnet. You can execute the following on node B to test. - - ```sh - ping 10.144.144.1 - ``` - -::: warning Note -Some systems have firewalls enabled by default, which may block inbound traffic, causing the virtual IP to be unreachable or various services to be inaccessible. You need to manually disable the firewall or add rules. -::: - -## Check Virtual Network Status - -After starting easytier-core, you can use easytier-cli for management. - -- View node information in the virtual network - -```sh -easytier-cli peer -``` - -| ipv4 | hostname | cost | lat_ms | loss_rate | rx_bytes | tx_bytes | tunnel_proto | nat_type | id | -| :----------- | :------- | :--- | :----- | :-------- | :------- | :------- | :----------- | :------- | :-------- | -| 10.144.144.1 | abc-dec | 1 | 3.452 | 0 | 17.33kB | 20.42kB | udp | FullCone | 390879727 | - -- View virtual network routing information - -```sh -easytier-cli route -``` - -| ipv4 | hostname | proxy_cidrs | next_hop_ipv4 | next_hop_hostname | next_hop_lat | cost | -| :----------- | :------- | :---------- | :------------ | :---------------- | :----------- | :--- | -| 10.144.144.1 | abc-dec | | DIRECT | | 3.646 | 1 | - -- View information of the local node - -```sh -easytier-cli node -``` - -``` -┌───────────────┬──────────────────────┐ -│ Virtual IP │ 10.144.144.1 │ -├───────────────┼──────────────────────┤ -│ Hostname │ archlinux-base │ -├───────────────┼──────────────────────┤ -│ Proxy CIDRs │ 10.147.223.0/24 │ -├───────────────┼──────────────────────┤ -│ Peer ID │ 2616333191 │ -├───────────────┼──────────────────────┤ -│ Public IP │ 75.52.125.26 │ -├───────────────┼──────────────────────┤ -│ UDP Stun Type │ FullCone │ -├───────────────┼──────────────────────┤ -│ Listener 1 │ tcp://0.0.0.0:11010 │ -├───────────────┼──────────────────────┤ -│ Listener 2 │ udp://0.0.0.0:11010 │ -├───────────────┼──────────────────────┤ -│ Listener 3 │ wg://0.0.0.0:11011 │ -├───────────────┼──────────────────────┤ -│ Listener 4 │ ws://0.0.0.0:11011/ │ -├───────────────┼──────────────────────┤ -│ Listener 5 │ wss://0.0.0.0:11012/ │ -├───────────────┼──────────────────────┤ -│ Listener 6 │ udp://[::]:37039 │ -└───────────────┴──────────────────────┘ -``` - -## Using Multiple Shared Nodes - -To avoid virtual network unavailability due to a single shared node failure, you can connect to multiple shared nodes simultaneously. Just specify multiple `-p` parameters, such as: `-p tcp://1.1.1.1:11010 -p udp://1.1.1.2:11011`. Each node in the virtual network should specify the same list of public servers. - -This relies on the shared node cluster feature supported by EasyTier. Assume there are two shared nodes A and B, which are interconnected to form a cluster. When C and D want to network, they can connect to both A and B simultaneously. This way, even if A or B fails, C and D can still communicate. The networking mode is shown in the diagram: - -```mermaid - -flowchart LR - -subgraph Node C -nodeC[Node C
Network Name: abc] -end - -subgraph Shared Node A -nodeA[Shared Node A
Network Name: Public] -end - -subgraph Shared Node B -nodeB[Shared Node B
Network Name: Public] -end - -subgraph Node D -nodeD[Node D
Network Name: abc] -end - -nodeA <-----> nodeB - -nodeC <-----> nodeA -nodeC <-----> nodeB - -nodeA <-----> nodeD -nodeB <-----> nodeD - -``` - -Even in the case of network partitioning, where C can only connect to A and D can only connect to B, C and D can still communicate. - -```mermaid - -flowchart LR - -subgraph Node C -nodeC[Node C
Network Name: abc] -end - -subgraph Shared Node A -nodeA[Shared Node A
Network Name: Public] -end - -subgraph Shared Node B -nodeB[Shared Node B
Network Name: Public] -end - -subgraph Node D -nodeD[Node D
Network Name: abc] -end - -nodeA <-----> nodeB - -nodeC <-----> nodeA - -nodeB <-----> nodeD - -``` - -## Joining Multiple Virtual Networks Simultaneously - -EasyTier supports running multiple processes on the same device, each joining a different virtual network by using different parameters at startup. Note that the virtual IP subnets of multiple virtual networks should not overlap, otherwise routing conflicts will occur. - -Additionally, when running multiple EasyTier instances, different listener ports need to be specified to avoid port conflicts. - -For example, you can start two EasyTier processes with the following commands: - -```sh -sudo easytier-core --network-name net1 -p tcp://public.easytier.cn:11010 -l 11010 -sudo easytier-core --network-name net2 -p tcp://public.easytier.cn:11010 -l 21010 -``` - -> `-l` specifies the listener port. diff --git a/en/guide/network/host-public-server.md b/en/guide/network/host-public-server.md index c8cd6d0..f9919a7 100644 --- a/en/guide/network/host-public-server.md +++ b/en/guide/network/host-public-server.md @@ -21,3 +21,13 @@ EasyTier can avoid forwarding network packets for other virtual networks and onl ``` easytier-core --relay-network-whitelist --relay-all-peer-rpc ``` + +## Private Mode + +If you want EasyTier to only provide services in your virtual network and don't want nodes from other virtual networks to connect to your node, you can start EasyTier with the `--private-mode true` parameter. + +``` +sudo easytier-core --private-mode true --network-name my-network --network-secret my-secret +``` + +This will only allow nodes with network name `my-network` and key `my-secret` to connect to this EasyTier node. diff --git a/en/guide/network/install-as-a-windows-service.md b/en/guide/network/install-as-a-windows-service.md index 3736d7d..b868020 100644 --- a/en/guide/network/install-as-a-windows-service.md +++ b/en/guide/network/install-as-a-windows-service.md @@ -1,151 +1,73 @@ # Install as a Windows Service -> Thanks to BeiChen℃ for providing the tutorial +> Thanks to BeiChen℃ for providing the tutorial, and dawn-lc for providing the one-click install/uninstall script -On Windows systems, installing certain applications as services allows them to run automatically in the background without manual intervention. This greatly improves the stability and convenience of the application. In this guide, we will use NSSM (Non-Sucking Service Manager) to install the easytier application as a Windows service and walk you through the entire process. +On Windows systems, installing certain applications as services allows them to run automatically in the background without manual intervention, greatly improving the stability and convenience of the application. -## 1. Preparation - -**Download NSSM**: - -Open your web browser and visit the NSSM official website [https://nssm.cc/download](https://nssm.cc/download). - -On the website, locate the version appropriate for your system (usually the latest version) and click the download link to save it locally. - -Once downloaded, extract the zip file to your chosen local directory, for example, `D:\NSSM`. - -**Download the easytier Application**: - -Find the download link for the latest version of `easytier-windows-x86_64-v2.2.0.zip` and download it locally. - -After downloading, extract the zip file to a directory on your system, for instance, `D:\Program Files\EasyTier`. - -## 2. Installing as a Windows Service - -**Open Command Prompt or PowerShell**: - -Press `Win + R` to open the Run dialog box. - -Type `cmd` (for Command Prompt) or `powershell` (for PowerShell) and click "OK". - -**Navigate to the NSSM Directory**: - -In Command Prompt or PowerShell, use the `cd` command to change to the directory where NSSM was extracted. For example, if NSSM was extracted to `D:\NSSM`, type: - -``` -cd D:\NSSM -``` - -and press Enter. - -**Install the Service**: - -Type the following command to install the service: - -``` -nssm.exe install easytier_service -``` - -Press Enter. This will open the NSSM configuration window. +This tutorial will use NSSM (Non-Sucking Service Manager) to install the EasyTier application as a Windows service as an example, and provide a detailed explanation of the entire operation process. -## 3. Configuring Service Parameters - -**Set the Path**: - -In the NSSM configuration window, locate the "Path" field. - -Enter the full path to `easytier-core.exe`. For example, if `easytier-core.exe` is in the `D:\Program Files\EasyTier` directory, enter: - -``` -D:\Program Files\EasyTier\easytier-core.exe -``` - -**Set the Startup Directory**: - -Find the "Startup directory" field and enter the directory where `easytier-core.exe` is located, e.g., `D:\Program Files\EasyTier`. - -**Set Arguments**: - -In the "Arguments" field, enter any startup parameters you require. For example: - -``` --i 10.10.10.2 --network-name easytier --network-secret easytier --peers tcp://public.easytier.top:11010 -``` - -Customize these parameters according to your needs. - -![easytier nssm](/assets/win-service.png) - -**Save the Configuration and Close the Window**: - -After setting the parameters, click the "Edit service" button in the NSSM window to save the configuration and close the window. The `easytier_service` is now installed and configured. - -## 4. Removing the Service - -If you need to remove the installed service, follow these steps: - -**Open Command Prompt or PowerShell**: - -Press `Win + R`, enter `cmd` (for Command Prompt) or `powershell` (for PowerShell), and click "OK". - -**Navigate to the NSSM Directory**: +## 1. Preparation -Change to the NSSM extraction directory with: +**Download EasyTier Application**: -``` -cd D:\NSSM -``` +Download the latest version of the `Windows` operating system `command line program` compressed package. -Press Enter. +After downloading, extract the compressed package to a local directory, such as `D:\EasyTier`. -**Remove the Service**: +The current directory should contain at least the following files: -Type the command: +- `easytier-core.exe` (core program) +- `easytier-cli.exe` (command line tool) +- `Packet.dll` (runtime library) +- `wintun.dll` (runtime library) -``` -nssm.exe remove easytier_service -``` +**Download NSSM**: -Press Enter. Follow the prompts to complete the removal of the service. +Open your browser and visit the NSSM official website [https://nssm.cc/](https://nssm.cc/download). -## 5. Checking Connection Status +On the official website page, find the version suitable for your system (usually the latest version), click the download link to download it locally. -To conveniently use `easytier-cli.exe` to check connection status, you can choose one of the following methods: +After downloading, find the version corresponding to your device architecture (such as: `win64`), and extract the `nssm.exe` from it to the local directory where `EasyTier` is located. -**Register to the Environment Variables**: +**Download Install/Uninstall Script**: -Right-click on "This PC" and select "Properties". +Start PowerShell in the current directory and execute the following commands: -In the window that opens, click on "Advanced system settings" on the left. +`iwr "https://github.com/EasyTier/EasyTier/raw/refs/heads/main/script/install.cmd" -OutFile "install.cmd"` -In the "System Properties" window, go to the "Advanced" tab and click the "Environment Variables" button. +`iwr "https://github.com/EasyTier/EasyTier/raw/refs/heads/main/script/uninstall.cmd" -OutFile "uninstall.cmd"` -Under "System variables", locate the "Path" variable and click "Edit". +## 2. Preparation Work -In the "Edit environment variable" window, click "New" and add the directory path where `easytier-cli.exe` is located. For example, if it is in `D:\Program Files\EasyTier`, add: +1. Ensure the current directory contains the following files: -``` -D:\Program Files\EasyTier -``` + - `easytier-core.exe` (core program) + - `easytier-cli.exe` (command line tool) + - `nssm.exe` (service management tool) + - `Packet.dll` (runtime library) + - `wintun.dll` (runtime library) + - `install.cmd` (install script) + - `uninstall.cmd` (uninstall script) -Click "OK" to save your changes and close all the windows. +2. Place the entire folder in a fixed location. -**Place into a Specific Directory**: +## 3. Install Service -Copy the `easytier-cli.exe` file to the `C:\Users\Administrator` directory (replace `Administrator` with your actual Windows username). +1. Run `install.cmd` +2. Follow the prompts to enter configuration information. +3. After installation is complete, the service will start automatically. -Open any Command Prompt or PowerShell window, type: +## 4. Uninstall Service -``` -easytier-cli.exe peer -``` +1. Run `uninstall.cmd` +2. The script will automatically stop and delete the service. -and press Enter to check the connection status. +## 5. Notes -## 6. Notes +1. Do not move the program file location after installation -Once registered as a service, the program (i.e., `easytier-core.exe`) should not be arbitrarily modified, deleted, or moved. If you need to perform such actions, you must first remove the service and then re-register it or modify the Windows registry accordingly. +## 6. Common Questions -Ensure that the service parameters are correctly configured; otherwise, the service might not start properly. +**Q: How to modify service configuration?** -Exercise caution when editing environment variables to avoid removing or altering other important variables. +A: First uninstall the service, then reinstall it diff --git a/en/guide/network/kcp-proxy.md b/en/guide/network/kcp-proxy.md index 31fabf7..423745e 100644 --- a/en/guide/network/kcp-proxy.md +++ b/en/guide/network/kcp-proxy.md @@ -4,43 +4,75 @@ EasyTier typically uses the UDP protocol to transmit IP packets within the virtu To address this issue, EasyTier provides a KCP proxy feature that can proxy TCP connections in the virtual network and convert them to KCP for transmission. Thanks to KCP's more aggressive retransmission mechanism, it effectively reduces packet loss and improves TCP transmission speeds within the virtual network. +## Network Topology + +Assume the network topology is as follows: + ```mermaid graph LR - A[Application Client] -->|TCP| B(EasyTier
Node A) - B -->|KCP over UDP| C(EasyTier
Node B) + A[Application Client] -->|TCP| B(EasyTier
Node A) + B -->|KCP over UDP| C(EasyTier
Node B) C -->|TCP| D[Application Server] - classDef endpoint fill:#c1f0c1,stroke:#2d882d - classDef easy fill:#b3d9ff,stroke:#0066cc - classDef transport stroke:#ff6666,stroke-width:2px + classDef endpoint fill:#1e90ff,stroke:#ffffff,color:#ffffff + classDef easy fill:#4682b4,stroke:#ffffff,color:#ffffff + classDef transport stroke:#ffa500,stroke-width:2px class A,D endpoint class B,C easy - linkStyle 1 stroke:#ff6666,stroke-width:2px,stroke-dasharray:5 5 + linkStyle 1 stroke:#ffa500,stroke-width:2px,stroke-dasharray:5 5 style B stroke-width:2px style C stroke-width:2px ``` -## Using the KCP Proxy +## Using KCP Proxy -The KCP proxy feature requires that all EasyTier nodes in the virtual network be running version v2.2.0 or later. +### Enable KCP Proxy To proxy TCP traffic on Node A to the KCP protocol, simply start EasyTier on Node A with the `--enable-kcp-proxy` parameter. +```sh +sudo easytier-core --enable-kcp-proxy +``` + +- `--enable-kcp-proxy` enables the KCP proxy feature. + The KCP proxy ensures version compatibility by automatically reverting to the TCP protocol if it detects that the counterpart node does not support the KCP proxy. +### Switch to User-Space Network Stack + By default, the KCP proxy uses the kernel's network stack, which may not work correctly due to system firewall settings. You can try using the `--use-smoltcp` parameter to switch to the user-space network stack. -## Disabling KCP Input +```sh +sudo easytier-core --enable-kcp-proxy --use-smoltcp +``` + +- `--use-smoltcp` switches to the user-space network stack. + +### Disable KCP Input If you do not want traffic destined for a specific node to use the KCP protocol, start EasyTier on the target node with the `--disable-kcp-input` parameter. -For example, if you do not want Node B to receive KCP traffic, start EasyTier on Node B with the `--disable-kcp-input` parameter. In this case, even if Node A has enabled the KCP proxy, the traffic from Node A to Node B will continue to use the TCP protocol. +For example, if you do not want Node B to receive KCP traffic, start EasyTier on Node B with the following command: + +```sh +sudo easytier-core --disable-kcp-input +``` + +- `--disable-kcp-input` disables KCP inbound traffic. + +In this case, even if Node A has enabled the KCP proxy, the traffic from Node A to Node B will continue to use the TCP protocol. ## Subnet-to-Subnet KCP Support -If Node A is a router, and the subnet under A needs to access other EasyTier nodes or other proxied subnets, it can also use the KCP proxy. However, Node A must use the user-space network stack by specifying the `--use-smoltcp` parameter. Otherwise, the TCP protocol will still be used. +If Node A is a router, and the subnet under A needs to access other EasyTier nodes or other proxied subnets, it can also use the KCP proxy. However, Node A must use the user-space network stack by specifying the `--use-smoltcp` parameter. + +```sh +sudo easytier-core --enable-kcp-proxy --use-smoltcp +``` + +Otherwise, the TCP protocol will still be used. ## Checking KCP Proxy Status @@ -59,3 +91,36 @@ $ easytier-cli proxy │ 0.0.0.0:0 │ 10.147.223.1:80 │ 2025-02-07 10:41:18 UTC │ Connected │ Kcp │ └────────────────────┴───────────────────┴─────────────────────────┴───────────┴────────────────┘ ``` + +## QUIC Proxy + +EasyTier v2.3.2 introduced support for QUIC proxy, which works similarly to KCP proxy, but QUIC's BBR algorithm can achieve higher bandwidth in high packet loss environments (while KCP proxy can significantly reduce latency, but has a lower bandwidth ceiling). + +QUIC proxy can be enabled on the connection initiator side using the `--enable-quic-proxy` parameter. + +```sh +sudo easytier-core --enable-quic-proxy +``` + +QUIC proxy on the receiving end can be disabled using the `--disable-quic-input` parameter. + +```sh +sudo easytier-core --disable-quic-input +``` + +Both the sender and receiver can check the QUIC proxy connection status using the `easytier-cli proxy` command. + +```bash +$ easytier-cli proxy +┌────────────────────┬───────────────────┬─────────────────────────┬───────────┬────────────────┐ +│ src │ dst │ start_time │ state │ transport_type │ +├────────────────────┼───────────────────┼─────────────────────────┼───────────┼────────────────┤ +│ 10.126.126.7:51838 │ 10.147.223.128:22 │ 2025-02-07 10:39:08 UTC │ Connected │ Quic │ +└────────────────────┴───────────────────┴─────────────────────────┴───────────┴────────────────┘ +``` + +::: tip Note +QUIC and KCP proxies can be enabled simultaneously, but KCP proxy takes precedence over QUIC proxy. + +When both are enabled, QUIC proxy will only take effect after the destination end closes KCP input. +::: diff --git a/en/guide/network/magic-dns.md b/en/guide/network/magic-dns.md new file mode 100644 index 0000000..6c4c036 --- /dev/null +++ b/en/guide/network/magic-dns.md @@ -0,0 +1,17 @@ +# Magic DNS + +EasyTier supports a Magic DNS feature similar to Tailscale, allowing users to access other nodes via domain names without remembering virtual IP addresses. Simply add the `--accept-dns` parameter during startup to enable the Magic DNS feature. + +Magic DNS uses `100.100.100.101` as the default DNS server address. You can `ping` this address to test whether Magic DNS is successfully enabled. + +If Magic DNS is successfully enabled, and the hostname of Node A is `node-a`, other nodes can access Node A via `node-a.et.net`. + +```sh +ping node-a.et.net +``` + +Hostnames support Chinese characters. + +::: tip Note +Currently, Magic DNS only supports automatic configuration of system DNS on Windows and macOS. On Linux, you need to manually configure the DNS server to `100.100.100.101` for normal use. +::: diff --git a/en/guide/network/networking-without-public-ip.md b/en/guide/network/networking-without-public-ip.md new file mode 100644 index 0000000..867b971 --- /dev/null +++ b/en/guide/network/networking-without-public-ip.md @@ -0,0 +1,29 @@ +# Networking Without Public IP + +EasyTier supports networking using shared public nodes. Currently, the following shared public node has been deployed: + +`tcp://public.easytier.top:11010` + +When using shared nodes, each node entering the network needs to provide the same `--network-name` and `--network-secret` parameters as the unique identifier for the network. + +For example, with two nodes: + +Node A executes: + +```sh +sudo easytier-core -i 10.144.144.1 --network-name abc --network-secret abc -p tcp://public.easytier.top:11010 +``` + +Node B executes: + +```sh +sudo easytier-core --ipv4 10.144.144.2 --network-name abc --network-secret abc -p tcp://public.easytier.top:11010 +``` + +After successful execution, Node A can access Node B via the virtual IP `10.144.144.2`. + +`--ipv4 x.x.x.x` can be replaced with `-d` to enable DHCP functionality, allowing EasyTier to automatically allocate the IP address of this node based on other existing virtual IPs within the virtual network. + +Nodes can connect to multiple public servers. If one public server fails, nodes can still communicate using other active public servers. Simply specify multiple `-p` parameters, such as `-p tcp://1.1.1.1:11010 -p udp://1.1.1.2:11011`. Note that each node in the virtual network must specify the same list of public servers; otherwise, networking may not function properly. + +--- diff --git a/en/guide/network/oneclick-install-as-service.md b/en/guide/network/oneclick-install-as-service.md new file mode 100644 index 0000000..b273eb7 --- /dev/null +++ b/en/guide/network/oneclick-install-as-service.md @@ -0,0 +1,79 @@ +# One-Click Register Service + +EasyTier Cli provides a service registration command that can register EasyTier as a system service with one click on most systems. After registration, EasyTier will automatically start when the system boots and run in the background. + +Using this command requires `easytier-core` and `easytier-cli` to be in the same directory. After entering that directory, run the following command: + +::: code-group + +```sh [Linux] +# Assuming EasyTier's startup parameters are -w abc +sudo ./easytier-cli service install -w abc +``` + +```powershell [Windows] +# Assuming EasyTier's startup parameters are -w abc +.\easytier-cli.exe service install -w abc +``` + +::: + +The part after `install` will be used as startup parameters for `easytier-core`. + +After the service is successfully installed, you can use the following commands to manage the service: + +- Start service: + + ::: code-group + + ```sh [Linux] + sudo ./easytier-cli service start + ``` + + ```powershell [Windows] + .\easytier-cli.exe service start + ``` + + ::: + +- Stop service: + + ::: code-group + + ```sh [Linux] + sudo ./easytier-cli service stop + ``` + + ```powershell [Windows] + .\easytier-cli.exe service stop + ``` + + ::: + +- Check status: + + ::: code-group + + ```sh [Linux] + sudo ./easytier-cli service status + ``` + + ```powershell [Windows] + .\easytier-cli.exe service status + ``` + + ::: + +- Uninstall service: + + ::: code-group + + ```sh [Linux] + sudo ./easytier-cli service uninstall + ``` + + ```powershell [Windows] + .\easytier-cli.exe service uninstall + ``` + + ::: diff --git a/en/guide/network/point-to-networking.md b/en/guide/network/point-to-networking.md index b106100..268d117 100644 --- a/en/guide/network/point-to-networking.md +++ b/en/guide/network/point-to-networking.md @@ -52,34 +52,72 @@ easytier-core -n 10.1.1.0/24 -n 10.2.0.0/16 -n 10.3.3.3/32 ::: +## Firewall + +Since proxy traffic needs to use the system's network stack, the subnet proxy requires the firewall on the virtual network card to be disabled. + +- On Windows, you can add `easytier-core.exe` to the firewall exception list or directly disable the firewall. + +- On Linux, you can use `iptables` or `ufw` to allow INPUT and OUTPUT traffic on the virtual network card. + +- On OpenWrt, you can allow virtual network card traffic in the LUCI interface. + +If you cannot disable the firewall, you can try using a user-space network stack for the subnet proxy, which can avoid the need to configure the firewall. Simply add the `--use-smoltcp` parameter when starting EasyTier. + +::: warning Note + +The user-space protocol stack will be inferior to the kernel protocol stack in terms of performance, congestion control, etc. + +Currently, the `--use-smoltcp` parameter only affects the TCP protocol. UDP and ICMP will use the user-space protocol stack regardless of whether this parameter is used. + +::: + ## Manually Specifying Routes By default, when a node in the virtual network configures a subnet proxy, the subnet proxy segment will be synchronized to all nodes in the virtual network, and a route will be automatically generated to forward packets destined for these segments to the virtual network. This can simplify networking in most cases, but in some scenarios, users may not want EasyTier to automatically configure routes on the nodes. Users can manually configure the traffic to be forwarded to the virtual network using the `--manual-routes` parameter. -When using `--manual-routes`, only the segments configured with this parameter will enter the virtual network. If the list after this parameter is empty, EasyTier will not handle any traffic for non-virtual network segments. +When using `--manual-routes`, only the segments configured with this parameter will enter the virtual network. If the list after this parameter is empty, EasyTier will not handle any traffic for non-virtual network segments. For example: -## Firewall +```sh +sudo easytier-core --ipv4 10.144.144.2 -n 10.1.1.0/24 --manual-routes 10.1.1.0/24 +``` -Since proxy traffic needs to use the system's network stack, the subnet proxy requires the firewall on the virtual network card to be disabled (this applies to both Linux and Windows). +`--manual-routes` can be specified multiple times to configure multiple segments, with the same format as the `-n` parameter. -If disabling the firewall is not possible, you can try using a user-space network stack for the subnet proxy, which can avoid the need to configure the firewall. Simply add the `--use-smoltcp` parameter when starting EasyTier. +Then only traffic from the 10.1.1.0/24 segment will be handled by the virtual network on this node, and traffic from other segments will not enter the virtual network. -::: warning Note +## Network Segment Mapping -The user-space protocol stack will be inferior to the kernel protocol stack in terms of performance, congestion control, etc. +Assume the following scenario: Both node A and node B have subnets of `192.168.1.0/24` in their internal networks (same network segment but different physical networks). If nodes A and B want to proxy this network segment, they need to map this network segment to different virtual network segments. -Currently, the `--use-smoltcp` parameter only affects the TCP protocol. UDP and ICMP will use the user-space protocol stack regardless of whether this parameter is used. +The following commands map `192.168.1.0/24` to `10.1.1.0/24` on node A, and `192.168.1.0/24` to `10.2.2.0/24` on node B. + +```sh +# Run on node A +sudo easytier-core --ipv4 10.144.144.1 -n '192.168.1.0/24->10.1.1.0/24' + +# Run on node B +sudo easytier-core --ipv4 10.144.144.2 -n '192.168.1.0/24->10.2.2.0/24' +``` + +Other nodes in the virtual network can access the `192.168.1.X` proxied by node A by accessing `10.1.1.X`; and access the `192.168.1.X` proxied by node B by accessing `10.2.2.X`. +::: warning Note +The mapped network segment size must be the same as the original network segment size, otherwise EasyTier will fail to start. ::: ## Disabling Built-in NAT By default, the built-in NAT is enabled in the subnet proxy, which handles packet forwarding in user space. This allows non-gateway devices to act as subnet entry points while circumventing the limitations on packet forwarding across different operating systems. -If Easytier is operating on a gateway device, users can use the --proxy-forward-by-system parameter to delegate the forwarding of subnet proxy packets to the system kernel, in which case the built-in NAT will be disabled. +If Easytier is operating on a gateway device, users can use the `--proxy-forward-by-system` parameter to delegate the forwarding of subnet proxy packets to the system kernel, in which case the built-in NAT will be disabled. It is important to note that when this option is enabled, the packet forwarding of the subnet proxy will rely entirely on the operating system. Therefore, please ensure that the operating system's firewall, forwarding rules, routing rules, and other configurations are correctly set up. +## Network to Network + +The mutual access between the subnet under node A and the subnet under node B is called network to network. For network to network configuration, please refer to the [Network to Network](network-to-network) chapter. + --- diff --git a/en/guide/network/quick-networking.md b/en/guide/network/quick-networking.md new file mode 100644 index 0000000..258936e --- /dev/null +++ b/en/guide/network/quick-networking.md @@ -0,0 +1,227 @@ +# Quick Networking + +## Using Shared Nodes for Networking + +When you don't have a public IP, you can use the free shared nodes provided by the EasyTier community for quick networking. Nodes will automatically attempt NAT traversal and establish P2P connections. When P2P fails, data will be relayed through shared nodes. + +You can build a simple dual-node virtual network through the following steps: + +```mermaid +flowchart LR + S[Public Shared Node] + +subgraph Virtual Network abc + A[Node A] + B[Node B] +end + +A -->|Connect| S +B -->|Connect| S +A <-.->|P2P Direct| B +``` + +### Step Example + +Assuming there are two nodes A and B: + +#### 1. Run on Node A + +::: code-group + +```sh [Linux] +# Run with administrator privileges +./easytier-core -d --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 +``` + +```powershell [Windows] +# Run with administrator privileges +.\easytier-core.exe -d --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 +``` + +::: + +- `-d` Automatically assign virtual IP, default allocation is `10.126.126.0/24` network segment, you can use `-i 10.11.11.0/24` to specify other virtual IPs. +- `--network-name` Specify the virtual network name (supports Chinese). Note: If it conflicts with other users' network names, it may cause networking failure. +- `--network-secret` Specify the password for the virtual network, used to protect network security. +- `-p` Specify the node address, here it's the official shared node, you can also use [other public nodes](https://easytier.gd.nkbpal.cn/status/easytier) + +#### 2. Run on Node B + +::: code-group + +```sh [Linux] +# Run with administrator privileges +./easytier-core -d --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 +``` + +```powershell [Windows] +# Run with administrator privileges +.\easytier-core.exe -d --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 +``` + +::: + +- `-d` Indicates DHCP mode, automatically assign virtual IP +- `-p` Must specify the same shared node as Node A + +#### 3. Test Networking + +Test connectivity with Node A on Node B: + +```sh +ping 10.126.126.1 +ping 10.126.126.2 +``` + +::: warning Note +If you cannot ping through, it may be that the firewall is blocking incoming traffic. Please turn off the firewall or add allow rules. +::: + +#### 4. Join More Nodes + +You can continue running the same command on other nodes to join the same virtual network. + +## View Virtual Network Status + +After EasyTier starts, you can use easytier-cli to manage and view status. + +- View node information in the virtual network: + +```sh +easytier-cli peer +``` + +--- + +| ipv4 | hostname | cost | lat_ms | loss_rate | rx_bytes | tx_bytes | tunnel_proto | nat_type | id | +| :----------- | :------- | :--- | :----- | :-------- | :------- | :------- | :----------- | :------- | :-------- | +| 10.144.144.1 | abc-dec | 1 | 3.452 | 0 | 17.33kB | 20.42kB | udp | FullCone | 390879727 | + +- View virtual network routing information: + +```sh +easytier-cli route +``` + +--- + +| ipv4 | hostname | proxy_cidrs | next_hop_ipv4 | next_hop_hostname | next_hop_lat | cost | +| :----------- | :------- | :---------- | :------------ | :---------------- | :----------- | :--- | +| 10.144.144.1 | abc-dec | | DIRECT | | 3.646 | 1 | + +- View local node information: + +```sh +easytier-cli node +``` + +--- + +::: details Output Example + +``` +┌───────────────┬──────────────────────┐ +│ Virtual IP │ 10.144.144.1 │ +├───────────────┼──────────────────────┤ +│ Hostname │ archlinux-base │ +├───────────────┼──────────────────────┤ +│ Proxy CIDRs │ 10.147.223.0/24 │ +├───────────────┼──────────────────────┤ +│ Peer ID │ 2616333191 │ +├───────────────┼──────────────────────┤ +│ Public IP │ 75.52.125.26 │ +├───────────────┼──────────────────────┤ +│ UDP Stun Type │ FullCone │ +├───────────────┼──────────────────────┤ +│ Listener 1 │ tcp://0.0.0.0:11010 │ +├───────────────┼──────────────────────┤ +│ Listener 2 │ udp://0.0.0.0:11010 │ +├───────────────┼──────────────────────┤ +│ Listener 3 │ wg://0.0.0.0:11011 │ +├───────────────┼──────────────────────┤ +│ Listener 4 │ ws://0.0.0.0:11011/ │ +├───────────────┼──────────────────────┤ +│ Listener 5 │ wss://0.0.0.0:11012/ │ +├───────────────┼──────────────────────┤ +│ Listener 6 │ udp://[::]:37039 │ +└───────────────┴──────────────────────┘ +``` + +::: + +--- + +## Using Multiple Shared Nodes for Networking + +To improve availability, you can connect to multiple shared nodes simultaneously by specifying multiple `-p` parameters: + +```sh +-p tcp://1.1.1.1:11010 -p udp://1.1.1.2:11011 +``` + +It's recommended that all nodes specify the same shared node list. + +### Networking Principle Diagram + +The following diagram shows the networking mode under multiple shared node clusters: + +```mermaid +flowchart LR +subgraph Shared Nodes + nodeA[Shared Node A
Network Name: Public] + nodeB[Shared Node B
Network Name: Public] +end +subgraph Node C + nodeC[Node C
Network Name: abc] +end +subgraph Node D + nodeD[Node D
Network Name: abc] +end +nodeA <--> nodeB +nodeC <--> Shared Nodes +nodeD <--> Shared Nodes +``` + +Even if network partitioning occurs, where C can only connect to A and D can only connect to B, C and D can still communicate: + +```mermaid +flowchart LR +subgraph Node C + nodeC[Node C
Network Name: abc] +end +subgraph Shared Nodes + nodeA[Shared Node A
Network Name: Public] + nodeB[Shared Node B
Network Name: Public] +end +subgraph Node D + nodeD[Node D
Network Name: abc] +end +nodeA <--> nodeB +nodeC <--> nodeA +nodeB <--> nodeD +``` + +--- + +## Joining/Building Multiple Virtual Networks Simultaneously + +EasyTier supports running multiple processes on the same device, with each process joining different virtual networks. Note: + +- Virtual IP network segments of different virtual networks cannot overlap, otherwise routing conflicts will occur; +- When starting multiple instances, different listening ports must be specified, otherwise port conflicts will occur. + +Example: + +```sh +# Run with administrator privileges +./easytier-core --network-name net1 -p tcp://public.easytier.cn:11010 -l 11010 +./easytier-core --network-name net2 -p tcp://public.easytier.cn:11010 -l 21010 +``` + +- `-l` Specify the listening port. + +--- + +## Setting Up Shared Nodes + +If you want to set up your own shared nodes, you can refer to the [Hosting Public Server](host-public-server) documentation. diff --git a/en/guide/network/use-easytier-with-wireguard-client.md b/en/guide/network/use-easytier-with-wireguard-client.md index e8002db..2251cc1 100644 --- a/en/guide/network/use-easytier-with-wireguard-client.md +++ b/en/guide/network/use-easytier-with-wireguard-client.md @@ -2,36 +2,43 @@ EasyTier can be used as a WireGuard server, allowing any device with a WireGuard client installed to access the EasyTier network. For platforms currently not supported by EasyTier (such as iOS), this method can be used to connect to the EasyTier network. -Assume the network topology is as follows: +## Network Topology + +Assume the network topology is as follows, where node A and node B use the [two-node networking](decentralized-networking#two-nodes) method, and node B proxies the `10.1.1.0/24` subnet through [subnet proxy](point-to-networking). ```mermaid flowchart LR +ios[[iPhone
with WireGuard installed]] -ios[[iPhone
with WireGuard installed]] - -subgraph Node A IP 22.1.1.1 -nodea[EasyTier
10.144.144.1] +subgraph Node A [Public IP: 22.1.1.1] + nodea[EasyTier
Virtual IP: 10.144.144.1] end subgraph Node B -nodeb[EasyTier
10.144.144.2] + nodeb[EasyTier
Virtual IP: 10.144.144.2] end -id1[[10.1.1.0/24]] +id1[[Subnet
10.1.1.0/24]] ios <-.-> nodea <--> nodeb <-.-> id1 ``` -We need the iPhone to access the EasyTier network through Node A, and the configuration can be as follows: +We need the iPhone to access the EasyTier network through node A, and the configuration can be as follows. + +## Configuration Steps -In the easytier-core command on Node A, add the --vpn-portal parameter to specify the port WireGuard listens on and the subnet used by the WireGuard network. +### 1. Configure Node A + +In the `easytier-core` command on node A, add the `--vpn-portal` parameter to specify the port WireGuard listens on and the subnet used by the WireGuard network. ```sh -# The following parameters mean: listen on port 11013 on 0.0.0.0, WireGuard uses the 10.14.14.0/24 subnet +# The following parameters mean: listen on 0.0.0.0:11013 port, WireGuard uses the 10.14.14.0/24 subnet sudo easytier-core --ipv4 10.144.144.1 --vpn-portal wg://0.0.0.0:11013/10.14.14.0/24 ``` -After easytier-core starts successfully, use easytier-cli to get the WireGuard Client configuration. +### 2. Get WireGuard Client Configuration + +After `easytier-core` starts successfully, use `easytier-cli` to get the WireGuard client configuration. ```sh $> easytier-cli vpn-portal @@ -49,9 +56,23 @@ Endpoint = 0.0.0.0:11013 # should be the public ip of the easytier server connected_clients: [] - ``` -Before using the Client Config, you need to modify the Interface Address and Peer Endpoint to the client's IP and the EasyTier node's IP, respectively. Import the configuration file into the WireGuard client to access the EasyTier network. +## Using Client Configuration + +Before using the Client Config, you need to modify the following fields to actual values: + +- **Interface Address**: Modify to the client's IP, such as `10.14.14.1/24`. If connecting multiple WireGuard clients, ensure each client has a different IP. +- **Peer Endpoint**: Modify to the public IP and port of EasyTier node A `22.1.1.11:11013`. + +Import the configuration file into the WireGuard client to access the EasyTier network. + +::: tip Note +If you need to support multiple clients, you can specify a larger subnet in the `--vpn-portal` parameter of `easytier-core`, such as `10.14.0.0/16`. +::: + +## Notes + +All traffic from WireGuard clients accessing the EasyTier virtual network will go through EasyTier node A. You need to ensure that node A's network connection is stable, and generally node A needs to have a public IP for convenient use. --- diff --git a/en/guide/network/web-console.md b/en/guide/network/web-console.md index 8d95a49..1102fe8 100644 --- a/en/guide/network/web-console.md +++ b/en/guide/network/web-console.md @@ -11,17 +11,33 @@ To use the Web Console for the first time, you need to register an account. [Reg If you want the EasyTier node to be managed by the Web Console, you need to specify the `--config-server` or `-w` parameter when starting, for example: ```sh -./easytier-core -w +sudo ./easytier-core -w ``` > Please replace `` with the username you registered on the Web Console. If the terminal shows messages like "Connection successful" or "Connected to server", it means Easytier Core has successfully connected to the Web Console server. +::: tip Note +The Web backend identifies devices and persists configurations through machine unique codes. By default, EasyTier automatically obtains the machine unique code from the system. If the machine code acquisition fails, it may cause configuration loss after restart. It is recommended to use the `--machine-id` parameter to specify the machine code, for example: + +```sh +sudo ./easytier-core -w --machine-id abc123 +``` + +Please ensure the machine code is unique and unchanged across all devices. **It is strongly recommended to manually specify the machine code in Docker environments.** +::: + ::: danger Note Only one EasyTier process on a machine can be managed by the Web Console. Having multiple processes may cause unexpected issues. ::: +::: tip Note + +You can specify the hostname displayed on the console using the `--hostname ` parameter. + +::: + ## Using the Web Console Log in to the [Web Console](https://easytier.cn/web#/) using the username and password you just registered. After logging in successfully, you will see the node list. @@ -35,4 +51,8 @@ After opening the device, click the green connect button. ![alt text](/assets/web-device-list.png) ![alt text](/assets/web-device-config.png) +Configure + +![alt text](/assets/web-device-run-network.png) + The subsequent configuration steps are the same as configuring a program with a GUI. diff --git a/en/index.md b/en/index.md index afad3b2..1c473d9 100644 --- a/en/index.md +++ b/en/index.md @@ -13,7 +13,7 @@ hero: actions: - theme: brand text: Get Started - link: /en/guide/installation + link: /en/guide/introduction - theme: alt text: Download link: /en/guide/download @@ -26,35 +26,32 @@ hero: features: - title: Decentralized - details: No distinction between client/server, no reliance on centralized services, nodes are equal and independent. + details: Nodes are equal and independent, no centralized services required.
No distinction between client/server. link: /en/guide/network/decentralized-networking - title: Easy to Use - details: | - Supports multiple usage methods via web, client, or command line, simple operation. -
- Supports one-click networking using shared nodes. + details: Web, client, command line multiple operation methods
Supports one-click networking link: /en/guide/network/web-console - title: Cross-Platform - details: | - Supports Windows, MacOS, Linux, FreeBSD, Android, etc. -
- Supports X86, ARM, MIPS, etc. hardware architectures. + details: Supports Win / MacOS / Linux / FreeBSD / Android
Compatible with X86 / ARM / MIPS architectures link: /en/guide/download - title: Secure - details: Supports AES-GCM or WireGuard encryption to protect transit traffic from man-in-the-middle attacks. + details: AES-GCM or WireGuard encryption
Prevents man-in-the-middle attacks link: / - title: Efficient NAT Traversal - details: Supports UDP-based NAT traversal and IPV6 traversal, in some cases can penetrate NAT4-NAT4 networks. + details: Supports UDP, IPv6 traversal
Can penetrate NAT4-NAT4 networks link: / - title: Subnet Proxy - details: Nodes can forward accessible subnets to the virtual network, allowing other nodes to access these subnets through the node. + details: Nodes can share subnets for other nodes to access. link: /en/guide/network/point-to-networking - title: Intelligent Routing - details: Supports latency-priority mode, automatically selects the optimal path, providing the best network experience. + details: Latency priority, automatic route selection
Provides the best network experience link: /en/guide/network/configurations - title: High Performance - details: Zero-copy throughout the entire link, performance comparable to mainstream networking software.
Communication between nodes supports multiple protocols such as TCP, UDP, QUIC, WG, etc. + details: Zero-copy throughout the entire link
Supports TCP / UDP / WSS / WG and other protocols link: /en/guide/perf + - title: UDP Loss Resistance + details: KCP / QUIC proxy
Optimizes latency and bandwidth in high packet loss environments + link: /en/guide/network/kcp-proxy --- ## Related Links @@ -64,15 +61,28 @@ features: - QQ Group: [949700262](https://qm.qq.com/q/wFoTUChqZW) - Telegram: https://t.me/easytier +## Acknowledgments + + + ## Sponsor {#sponsor} If you find EasyTier helpful, please consider sponsoring us. Software development and maintenance require a lot of time and effort, and your sponsorship will help us better maintain and improve EasyTier. -
- WeChat - Alipay +
+
+ WeChat +
+
+ Alipay +
diff --git a/guide/download.md b/guide/download.md index 2835e08..5a9e767 100644 --- a/guide/download.md +++ b/guide/download.md @@ -37,7 +37,7 @@ const packages = ref([ cli_pkg_tmpl: { "zip": 'https://github.com/EasyTier/EasyTier/releases/download/v{}/easytier-windows-x86_64-v{}.zip' }, - comment: "支持 Windows 8 及以上版本,Windows 7 仅支持 EasyTier v2.1.2 以下版本。" + comment: "Windows 7 需要是 SP1 及以上, 并且需要安装 KB3063858、KB4474419 这两个补丁,并关闭 QUIC 输入。" }, { os: "Windows", @@ -49,17 +49,6 @@ const packages = ref([ "zip": 'https://github.com/EasyTier/EasyTier/releases/download/v{}/easytier-windows-arm64-v{}.zip' }, }, - { - os: 'Windows 7', - arch: 'x86_64', - gui_pkg_tmpl: { - "exe": 'https://github.com/EasyTier/EasyTier/releases/download/v2.1.2/easytier-gui_2.1.2_x64-setup.exe' - }, - cli_pkg_tmpl: { - "zip": 'https://github.com/EasyTier/EasyTier/releases/download/v2.1.2/easytier-windows-x86_64-v2.1.2.zip' - }, - comment: "Windows 7 需要是 SP1 及以上, 并且需要安装 KB3063858、KB4474419 这两个补丁。此版本为 EasyTier v2.1.2 版本。" - }, { os: "Linux", arch: "x86_64", @@ -113,6 +102,14 @@ const packages = ref([ cli_pkg_tmpl: {}, comment: "遇到显示界面显示异常,请尝试升级 WebView" }, + { + os: "Android Magisk 面具模块", + arch: "aarch64", + gui_pkg_tmpl: {}, + cli_pkg_tmpl: { + "zip": 'https://github.com/EasyTier/EasyTier/releases/download/v{}/Easytier-Magisk-v{}.zip' + }, + }, { os: "FreeBSD 13.2", arch: "x86_64", @@ -144,11 +141,12 @@ function renderUrlTmpl(url_tmpl: string): string { 您可以直接前往 [GitHub Release 页面](https://github.com/EasyTier/EasyTier/releases) 查看所有版本的下载链接,或者使用下面的表格查找适合您的版本。 -命令行程序的压缩包中包含三个可执行程序: +命令行程序的压缩包中包含四个可执行程序: - `easytier-core`:EasyTier 的核心程序 - `easytier-cli`:EasyTier 管理程序,启动 easytier-core 后,可以使用 easytier-cli 查看虚拟网信息 - `easytier-web`: 用于自建 EasyTier 的 Web 控制台后端,一般情况下无需自建,使用官方提供的 Web 控制台即可 +- `easytier-web-embed`: 与 `easytier-web` 功能相同,但内置了 Web 前端。 ## EasyTier v{{ version }} { #latest } diff --git a/guide/faq.md b/guide/faq.md new file mode 100644 index 0000000..63c7ab8 --- /dev/null +++ b/guide/faq.md @@ -0,0 +1,39 @@ +# 常见问题 {#faq} + +--- + +**Q:Windows 7 无法创建网络,程序崩溃或者报错无法创建虚拟网?** + +**A:** Windows 7 需为 SP1 及以上版本,并安装以下补丁: +- [KB3063858](https://www.microsoft.com/en-us/download/details.aspx?id=47409) +- [KB4474419](https://www.catalog.update.microsoft.com/search.aspx?q=KB4474419) + +--- + +**Q:Linux 命令行帮助是英文,如何切换为中文?** + +**A:** 设置环境变量 `LANG=zh_CN`,命令如下: + +```bash +export LANG=zh_CN +``` + +--- + +**Q:启动后提示 TunError 怎么办?** + +**A:** 请确认 TUN 驱动已正确加载,并且 `/dev/net/tun` 文件存在。如果在 Docker 中运行,请确保开启特权模式。Linux 下加载 TUN 驱动的命令如下: + +```bash +modprobe tun +mkdir -p /dev/net +sudo mknod /dev/net/tun c 10 200 +``` + +--- + +**Q:启动后报错 `Address already in use`?** + +**A:** 可能是端口冲突。请检查 11010 端口或启动参数指定的端口(如 `-l tcp:12345`)是否被其他程序占用。 + +--- diff --git a/guide/gui/basic.md b/guide/gui/basic.md index a224c7b..9c3b401 100644 --- a/guide/gui/basic.md +++ b/guide/gui/basic.md @@ -1,6 +1,6 @@ # 公共服务器组网 -当前提供一个小带宽公网服务器,方便没有公网服务器的朋友组网。大部分情况可以打洞 P2P 成功,若无法 P2P 成功,节点间带宽可能会比较低。 +GUI 默认使用官方共享节点组网,方便没有公网 IP 的朋友组网。大部分情况可以打洞 P2P 成功,若无法 P2P 成功,节点间带宽可能会比较低。 配置方法如图所示。 @@ -8,4 +8,4 @@ 配置完成后点击运行网络按钮即可,运行网络成功后的界面如图 -![running](/assets/cn/running.png) \ No newline at end of file +![running](/assets/cn/running.png) diff --git a/guide/gui/manual.md b/guide/gui/manual.md index 3e749da..12c47d4 100644 --- a/guide/gui/manual.md +++ b/guide/gui/manual.md @@ -4,3 +4,4 @@ EasyTier 不区分客户端服务端,且完全去中心化,新增节点只 ![手动组网](/assets/cn/manual.png) +需要注意节点 IP 输入后需要点击列表项确认,确认后节点地址以卡片形式显示。 diff --git a/guide/gui/subnet_proxy.md b/guide/gui/subnet_proxy.md index bb2b1b7..fa0aa95 100644 --- a/guide/gui/subnet_proxy.md +++ b/guide/gui/subnet_proxy.md @@ -4,4 +4,10 @@ 假设家中的设备在子网 192.168.1.0/24 网段中,想在公司访问家中的任意设备,则可在家中启动一个 EasyTier 节点,新增子网代理 192.168.1.0/24。公司的设备中无需任何额外配置,只需与家中节点成功组网,即可访问家中任意设备。 -![子网代理配置](/assets/cn/subnet.png) \ No newline at end of file +![子网代理配置](/assets/cn/subnet.png) + +需要注意网段输入后需要点击列表项确认,确认成功后网段转为卡片形式显示。 + +子网代理可以做网段映射 + +![子网代理配置](/assets/cn/subnet-mapping.png) diff --git a/guide/installation.md b/guide/installation.md index 5923d8f..ab86ab1 100644 --- a/guide/installation.md +++ b/guide/installation.md @@ -1,30 +1,46 @@ -# 安装 {#installation} +# 安装 (命令行程序) {#installation} + +本章节组仅介绍安装方式,阅读 [快速组网](/guide/network/quick-networking) 文档以了解参数含义和使用方法。 ## 安装方式 -1. **下载预编译的二进制文件(推荐)** +1. **手动下载命令行程序** - 访问 [⬇️下载页面](./download) 下载适用于您操作系统的二进制文件或安装包。 + 访问 [⬇️下载页面](./download) 下载适用于您操作系统和硬件架构的 EasyTier 命令行程序。下载后为 ZIP 压缩包,解压后既可直接使用。 -2. **通过 crates.io 安装** + ::: code-group - ```sh [cargo] - cargo install easytier + ```bash [Linux / MacOS / FreeBSD] + ./easytier-core --version + ``` + + ```powershell [Windows] + .\easytier-core.exe --version ``` -3. **DockerHub** + ::: + + *** - [DockerHub 镜像地址](https://hub.docker.com/layers/easytier/easytier) +2. **DockerHub** + + [DockerHub 镜像地址](https://hub.docker.com/r/easytier/easytier) ```sh [docker] # docker.io 镜像 docker pull easytier/easytier:latest + docker run -d --privileged --network host easytier/easytier:latest # 国内用户可以使用 DaoCloud 镜像 docker pull m.daocloud.io/docker.io/easytier/easytier:latest + docker run -d --privileged --network host m.daocloud.io/docker.io/easytier/easytier:latest ``` -4. **通过Docker Compose安装** + 请继续阅读 [快速组网](/guide/network/quick-networking) 文档以了解参数含义和使用方法。 + + *** + +3. **通过Docker Compose安装** ::: details docker-compose.yml @@ -58,51 +74,37 @@ volumes: - /etc/easytier:/root - /etc/machine-id:/etc/machine-id:ro # 映射宿主机机器码 - command: -i --network-name <用户> --network-secret <密码> -p tcp://<服务器地址>:11010 + command: -d --network-name <用户> --network-secret <密码> -p tcp://public.easytier.cn:11010 ``` ::: -5. **一键安装脚本 (仅 Linux)** + *** - ```bash - wget -O /tmp/easytier.sh "https://raw.githubusercontent.com/EasyTier/EasyTier/main/script/install.sh" && bash /tmp/easytier.sh install - ``` +4. **一键安装脚本(仅 Linux)** -6. **通过源码安装** + 注意:一键脚本依赖 `unzip`,请提前下载并安装。 - ```sh [cargo] - cargo install --git https://github.com/EasyTier/EasyTier.git easytier + ```bash + wget -O /tmp/easytier.sh "https://raw.githubusercontent.com/EasyTier/EasyTier/main/script/install.sh" && sudo bash /tmp/easytier.sh install --gh-proxy https://ghfast.top/ ``` -## 第三方工具 - -- [EasyTier Game ( Windows )](/guide/gui/easytier-game) -- [EasyTier Manager ( Windows )](/guide/gui/easytier-manager) -- [luci-app-easytier ( OpenWrt )](https://github.com/EasyTier/luci-app-easytier) - -## 常见问题 {#faq} - -### 问题 1 - -Q: Windows 7 无法创建网络,程序崩溃或者报错无法创建虚拟网。 + 脚本执行成功后,EasyTier 的二进程程序会安装到 `/opt/easytier` 目录下,配置文件位于 `/opt/easytier/config/default.conf`。 -A: win7 需要是 SP1 及以上, 并且需要安装 [KB3063858](https://www.microsoft.com/en-us/download/details.aspx?id=47409)、 [KB4474419](https://www.catalog.update.microsoft.com/search.aspx?q=KB4474419) 这两个补丁 + 配置文件可通过 [配置文件生成器](https://easytier.cn/web/index.html#/config_generator) 生成。 -### 问题 2 + EasyTier 会被注册为系统服务,可以通过以下命令管理: -Q: Linux 命令行帮助是英文,如何调整为中文。 - -A: 需要设置环境变量 LANG=zh_CN,命令: `export LANG=zh_CN` + ```bash + systemctl start easytier@default + ``` -### 问题 3 + *** -Q: 启动后提示 TunError +5. **通过源码安装** -A: 确认 TUN 驱动已经被正确加载,并且 `/dev/net/tun` 文件存在,如果使用 Docker,需要确保开启了特权模式。Linux TUN 驱动加载方法为: + ```sh [cargo] + cargo install --git https://github.com/EasyTier/EasyTier.git easytier + ``` -```bash -modprobe tun -mkdir /dev/net -sudo mknod /dev/net/tun c 10 200 -``` + 源码安装需要 Rust 环境,并且安装 LLVM。 diff --git a/guide/installation_gui.md b/guide/installation_gui.md new file mode 100644 index 0000000..9e9bef8 --- /dev/null +++ b/guide/installation_gui.md @@ -0,0 +1,44 @@ +# 安装 (图形界面) {#installation_gui} + +## EasyTier GUI + +访问 [⬇️下载页面](./download) 下载适用于您操作系统和硬件架构的图形界面程序,并安装即可。 + +安装成功后可阅读 [公共服务器组网](/guide/gui/basic) 文档以了解图形界面工具的使用方法。 + +需要注意,EasyTier GUI 依赖 WebView,可能有以下常见问题: + +1. 在低版本 Windows 上 WebView 下载失败,由于国内网络环境问题,可能无法下载 WebView 组件。请手动安装 [WebView2](https://developer.microsoft.com/zh-CN/microsoft-edge/webview2/) 或 [Edge](https://www.microsoft.com/zh-cn/edge) 浏览器。 + +2. 在低版本 Android 上样式丢失,显示混乱。请在应用商店中手动更新 WebView 组件。 + +## 第三方图形界面 + +### [EasyTier Game ( Windows )](/guide/gui/easytier-game) + + EasyTierGame 游戏联机启动器,由 nuxt3 typescript rust tauri 开发 具有简易的界面,附带最新版 easytier 内核,联机游玩的时候无论是心理上和使用上都能给予您最舒服的体验,同时支持自定义配置文件启动,满足各种需求 + +--- + +### [EasyTier Manager ( Windows )](/guide/gui/easytier-manager) + + EasyTier 管理器是用来管理 EasyTier 内核的一个桌面应用,用于可视化的新增、修改、删除 EasyTier 的配置文件。 + + - 支持界面化的一键启动、停止组网 + - 支持修改所有内核已有参数,所有新增、修改操作都支持界面化表单操作和文本编辑器操作 + - 支持界面化查看当前运行日志 + - 支持一键下载任意版本的内核 ( 请注意,旧版本很多参数特性不支持 ) + +--- + +### [Astral Game ( Windows / Android / Linux )](/guide/gui/astral_ET) + + Astral 是一个基于 EasyTier 的跨平台网络应用,提供简单易用的 P2P 网络连接和 VPN 服务。通过 Flutter 构建的现代化界面,让用户能够轻松创建和管理虚拟网络。 + +--- + +### [luci-app-easytier ( OpenWrt )](https://github.com/EasyTier/luci-app-easytier) + + EasyTier 的 OpenWrt 插件,提供了在 OpenWrt 路由器上安装和配置 EasyTier 内核的方法。 + + 插件支持在 OpenWrt 的 LuCI 界面内完成 EasyTier 内核的安装、配置和管理。用户可以方便地通过 LuCI 界面进行配置内核、查看运行日志、重启内核等操作。 diff --git a/guide/introduction.md b/guide/introduction.md index be4fc5a..b9f9084 100644 --- a/guide/introduction.md +++ b/guide/introduction.md @@ -1,23 +1,40 @@ -# 功能概览 +# EasyTier 简介 -一个简单、安全、去中心化的内网穿透 SD-WAN 异地组网方案,使用 Rust 语言和 Tokio 框架实现。 +EasyTier 是一款简单、安全、去中心化的内网穿透和异地组网工具,适合远程办公、异地访问、游戏加速等多种场景。无需公网 IP,无需复杂配置,轻松实现不同地点设备间的安全互联。 -## 特点 +软件即可通过命令行使用,也可以通过图形界面操作。下载后可直接使用,无其他任何依赖。 -- **去中心化**:无需依赖中心化服务,节点平等且独立。 -- **安全**:支持利用 WireGuard 加密通信,也支持 AES-GCM 加密保护中转流量。 -- **高性能**:全链路零拷贝,性能与主流组网软件相当。 -- **跨平台**:支持 MacOS/Linux/Windows/FreeBSD/Android,未来将支持 IOS。可执行文件静态链接,部署简单。 -- **无公网 IP 组网**:支持利用共享的公网节点组网,可参考 [配置指南](/guide/network/networking-without-public-ip) -- **NAT 穿透**:支持基于 UDP 的 NAT 穿透,即使在复杂的网络环境下也能建立稳定的连接。 -- **子网代理(点对网)**:节点可以将可访问的网段作为代理暴露给虚拟网,允许其他节点通过该节点访问这些子网。 -- **智能路由**:根据流量智能选择链路,减少延迟,提高吞吐量。 -- **TCP 支持**:在 UDP 受限的情况下,通过并发 TCP 链接提供可靠的数据传输,优化性能。 -- **高可用性**:支持多路径和在检测到高丢包率或网络错误时切换到健康路径。 -- **IPV6 支持**:支持利用 IPV6 组网。 +- [🛠️安装 CLI 页面](./installation) 可查看安装命令行工具的方法。 +- [🖥️安装 GUI 页面](./installation_gui) 可查看安装图形界面工具的方法。 +- [⬇️下载页面](./download) 可获取最新版本 EasyTier 的下载链接。 -## GUI -![alt text](/assets/image-6.png) +## 适用场景 -![alt text](/assets/image-7.png) +- **远程办公**:让公司、家中和外地的电脑像在同一局域网一样互通。 +- **异地访问**:随时随地安全访问家中 NAS、服务器或其他设备。 +- **游戏加速**:组建虚拟局域网,畅玩联机游戏。 +- **物联网组网**:让分布在不同地点的设备安全互联。 + +## 核心特点 + +- **去中心化**:无需依赖中心服务器,所有节点平等独立,都可以参与转发和组网。 +- **安全加密**:支持 WireGuard 和 AES-GCM 加密,保障数据安全。 +- **跨平台**:支持 MacOS、Linux、Windows、FreeBSD、Android,未来将支持 iOS。 +- **无公网 IP 组网**:可通过共享公网节点组网,详见[配置指南](/guide/network/networking-without-public-ip)。 +- **NAT 穿透**:支持 UDP NAT 穿透,复杂网络环境下也能稳定连接。 +- **智能路由**:自动选择最佳链路,降低延迟,提高吞吐量。 +- **高可用性**:多路径支持,自动切换健康链路,提升稳定性。 + +## 高级特性 + +- **KCP / QUIC 代理**: 支持将 TCP 流量转为 KCP / QUIC 协议,提升高 UDP 丢包环境下的传输延迟和稳定性。 +- **非特权模式**:支持在非特权用户下运行,避免需要 root 权限。(仅可作为被访问端) +- **WireGuard 接入**: 支持 WireGuard 客户端接入 EasyTIer 网络。 + + +## 图形界面(GUI) + +EasyTier 提供简单易用的图形界面,适合新手快速上手。 + +EasyTier GUI Screenshot diff --git a/guide/license.md b/guide/license.md index c76f105..df4af79 100644 --- a/guide/license.md +++ b/guide/license.md @@ -1,3 +1,3 @@ # 许可证 -EasyTier 基于 [Apache License 2.0](https://github.com/EasyTier/EasyTier/blob/main/LICENSE) 许可发布。 +EasyTier 基于 [LGPL 3.0](https://github.com/EasyTier/EasyTier/blob/main/LICENSE) 许可发布。 diff --git a/guide/network/config-file.md b/guide/network/config-file.md index 41abea1..457b537 100644 --- a/guide/network/config-file.md +++ b/guide/network/config-file.md @@ -7,13 +7,22 @@ easytier-core -c ./config.yaml ``` ::: warning 注意 -注意:配置文件的优先级更高,当运行时指定了配置文件,则命令行中除 `-c` 的其他参数将被忽略,只对配置文件生效。 +注意:配置文件中的参数可以被命令行覆盖,比如配置文件中指定了 `--hostname abc`,但在命令行中使用 `--hostname xyz`,则会使用命令行中的主机名参数 `xyz`。 ::: 使用参数运行可以获得对应参数的配置文件。配置文件会打印在命令行中,可以手动复制对应配置保存为toml文件即可。 在不使用参数的情况下直接运行 `easytier-core` 可以获得最小配置文件。 +## 多配置文件启动 + +可以通过 `-c` 参数指定多个配置文件,EasyTier 会在一个进程中加载多个配置文件并启动多个虚拟网络。 + +```sh +easytier-core -c ./config1.yaml -c ./config2.yaml +``` + + ## 配置文件生成工具 官网提供了配置文件生成工具,可以通过访问 配置文件生成工具 来生成配置文件。 diff --git a/guide/network/configurations.md b/guide/network/configurations.md index bf7dbc1..f74f189 100644 --- a/guide/network/configurations.md +++ b/guide/network/configurations.md @@ -1,88 +1,97 @@ # 完整配置选项 -可使用 `easytier-core --help` 查看全部配置项 +可使用 `easytier-core --help` 查看全部配置项。 ## 基本设置 -- **启动与版本** - - - `-h, --help`: 打印帮助信息。 - - `-V, --version`: 打印版本信息。 - -- **配置文件** - - - `-c, --config-file `: 配置文件路径。如果设置了此选项,其他所有选项都将被忽略。 - -- **实例标识** - - `--hostname `: 用于标识此设备的主机名。 - - `-m, --instance-name `: 实例名称,默认为`default`。 - -## 网络配置 - -- **服务器与网络** - - - `-w, --config-server `: 配置服务器地址。 - - `--network-name `: 网络名称,默认为`default`。 - - `--network-secret `: 网络密钥,默认为空。 - -- **IP配置** - - `-i, --ipv4 `: 此节点的IPv4地址,空表示仅转发数据包。 - - `-d, --dhcp`: 自动设置IP地址,默认从10.0.0.1开始。 - - `--dev-name `: 可选TUN接口名称。 - - `--mtu `: TUN设备的MTU,默认非加密时为1380,加密时为1360。 - -## 连接管理 - -- **监听器与门户** - - - `-l, --listeners [...]`: 监听器用于接受连接。 - - `--mapped-listeners [...]`: 指定监听器的公网地址。 - - `--no-listener`: 不监听任何端口。 - - `--vpn-portal `: 定义VPN门户的URL。 - - `--rpc-portal `: 管理的RPC门户地址,默认尝试15888。 - -- **节点与路由** - - `-p, --peers [...]`: 初始要连接的对等节点。 - - `-e, --external-node `: 使用公共共享节点来发现对等节点。 - - `--exit-nodes [...]`: 转发所有流量的出口节点。 - - `--enable-exit-node`: 允许此节点成为出口节点。 - - `--manual-routes [...]`: 手动分配路由CIDR。 - - `--relay-network-whitelist [...]`: 仅转发白名单网络的流量。 - -## 日志和调试 - -- **日志级别** - - - `--console-log-level `: 控制台日志级别。 - - `--file-log-level `: 文件日志级别。 - -- **日志存储** - - `--file-log-dir `: 存储日志文件的目录。 - -## 高级功能 - -- **性能优化** - - - `--latency-first`: 延迟优先模式。 - - `--multi-thread`: 使用多线程运行时。 - - `--disable-udp-hole-punching`: 禁用UDP打洞功能。 - -- **安全与隐私** - - - `-u, --disable-encryption`: 禁用加密,默认为false。 - - `--disable-ipv6`: 不使用IPv6。 - - `--compression `: 使用的压缩算法,默认为`none`。 - -- **代理与转发** - - - `--proxy-networks `: 导出本地网络到其他对等节点。 - - `--socks5 `: 启用 socks5 服务器。 - - `--ipv6-listener `: IPv6监听器URL。 - - `--no-tun`: 不创建TUN设备。 - - `--use-smoltcp`: 启用smoltcp堆栈。 - - `--bind-device `: 绑定套接字到物理设备。 - - `--relay-all-peer-rpc`: 转发所有对等节点的RPC数据包。 - -- **限制通信** - - `--disable-p2p`: 禁用P2P通信。 - - `--no-tun`: 不创建TUN设备以使用子网代理访问节点。 +### 配置服务器 + +| 参数 | 说明 | +| --------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | +| `-w, --config-server` | 配置服务器地址。允许格式: | +| | - 完整URL:`--config-server udp://127.0.0.1:22020/admin` | +| | - 仅用户名:`--config-server admin`,将使用官方的服务器 | +| | [env: ET_CONFIG_SERVER=] | +| `--machine-id` | Web 配置服务器通过 machine id 来识别机器,用于断线重连后的配置恢复,需要保证唯一且固定不变。默认从系统获得。 [env: ET_MACHINE_ID=] | +| `-c, --config-file` | 配置文件路径,注意:命令行中的配置的选项会覆盖配置文件中的选项 [env: ET_CONFIG_FILE=] | + +### 网络设置 + +| 参数 | 说明 | +| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | +| `--network-name` | 用于标识此VPN网络的网络名称 [env: ET_NETWORK_NAME=] | +| `--network-secret` | 网络密钥,用于验证此节点属于VPN网络 [env: ET_NETWORK_SECRET=] | +| `-i, --ipv4` | 此VPN节点的IPv4地址。如果为空,则此节点将仅转发数据包,不会创建TUN设备 [env: ET_IPV4=] | +| `-d, --dhcp` | 由Easytier自动确定并设置IP地址,默认从10.0.0.1开始。警告:在使用DHCP时,如果网络中出现IP冲突,IP将自动更改。 [env: ET_DHCP=] | +| `-p, --peers` | 最初要连接的对等节点 [env: ET_PEERS=] | +| `-e, --external-node` | 使用公共共享节点来发现对等节点 [env: ET_EXTERNAL_NODE=] | +| `-n, --proxy-networks` | 将本地网络导出到VPN中的其他对等节点,例如:`10.0.0.0/24`。支持映射到其他CIDR,例如:`10.0.0.0/24->192.168.0.0/24` [env: ET_PROXY_NETWORKS=] | + +### RPC 设置 + +| 参数 | 说明 | +| ------------------------ | ------------------------------------------------------------------------------------------------------------------ | +| `-r, --rpc-portal` | 用于管理的RPC门户地址。支持以下格式: | +| | - `0` 表示随机端口 | +| | - `12345` 表示在localhost的12345上监听 | +| | - `0.0.0.0:12345` 表示在所有接口的12345上监听 | +| | 默认是 `0`,首先尝试 `15888` | +| | [env: ET_RPC_PORTAL=] | +| `--rpc-portal-whitelist` | RPC门户白名单,仅允许这些地址访问RPC门户,例如:`127.0.0.1/32,127.0.0.0/8,::1/128` [env: ET_RPC_PORTAL_WHITELIST=] | + +### 监听器设置 + +| 参数 | 说明 | +| -------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- | +| `-l, --listeners` | 监听器用于接受连接,支持以下格式: | +| | - 端口号:`<11010>`,意味着tcp/udp将在11010端口监听,ws/wss将在11010和11011端口监听,wg将在11011端口监听。 | +| | - URL:``,其中tcp可以是tcp、udp、ring、wg、ws、wss协议。 | +| | - 协议和端口对:``,例如wg:11011,表示使用WireGuard协议在11011端口监听。 | +| | [env: ET_LISTENERS=] | +| `--mapped-listeners` | 手动指定监听器的公网地址,其他节点可以使用该地址连接到本节点。例如:`tcp://123.123.123.123:11223`,可以指定多个。 [env: ET_MAPPED_LISTENERS=] | +| `--no-listener` | 不监听任何端口,只连接到对等节点 [env: ET_NO_LISTENER=] | + +### 其他设置 + +| 参数 | 说明 | +| ----------------------------- | ------------------------------------------------------------------------------------------------------------------- | +| `--hostname` | 用于标识此设备的主机名 [env: ET_HOSTNAME=] | +| `-m, --instance-name` | 实例名称,用于在同一台机器上标识此VPN节点 [env: ET_INSTANCE_NAME=] | +| `--vpn-portal` | 定义VPN门户的URL,允许其他VPN客户端连接。例如:`wg://0.0.0.0:11010/10.14.14.0/24` [env: ET_VPN_PORTAL=] | +| `--default-protocol` | 连接到对等节点时使用的默认协议 [env: ET_DEFAULT_PROTOCOL=] | +| `-u, --disable-encryption` | 禁用对等节点通信的加密,默认为false,必须与对等节点相同 [env: ET_DISABLE_ENCRYPTION=] | +| `--multi-thread` | 使用多线程运行时,默认为单线程 [env: ET_MULTI_THREAD=] | +| `--disable-ipv6` | 不使用IPv6 [env: ET_DISABLE_IPV6=] | +| `--dev-name` | 可选的TUN接口名称 [env: ET_DEV_NAME=] | +| `--mtu` | TUN设备的MTU,默认为非加密时为1380,加密时为1360 [env: ET_MTU=] | +| `--latency-first` | 延迟优先模式,将尝试使用最低延迟路径转发流量,默认使用最短路径 [env: ET_LATENCY_FIRST=] | +| `--exit-nodes` | 转发所有流量的出口节点,虚拟IPv4地址,优先级由列表顺序决定 [env: ET_EXIT_NODES=] | +| `--enable-exit-node` | 允许此节点成为出口节点 [env: ET_ENABLE_EXIT_NODE=] | +| `--proxy-forward-by-system` | 通过系统内核转发子网代理数据包,禁用内置NAT [env: ET_PROXY_FORWARD_BY_SYSTEM=] | +| `--no-tun` | 不创建TUN设备,可以使用子网代理访问节点 [env: ET_NO_TUN=] | +| `--use-smoltcp` | 为子网代理和 KCP 代理启用smoltcp堆栈 [env: ET_USE_SMOLTCP=] | +| `--manual-routes` | 手动分配路由CIDR,将禁用子网代理和从对等节点传播的wireguard路由。例如:`192.168.0.0/16` [env: ET_MANUAL_ROUTES=] | +| `--relay-network-whitelist` | 仅转发白名单网络的流量,支持通配符字符串。多个网络名称间可以使用英文空格间隔。 [env: ET_RELAY_NETWORK_WHITELIST=] | +| `--disable-p2p` | 禁用P2P通信,只通过`--peers`指定的节点转发数据包 [env: ET_DISABLE_P2P=] | +| `--disable-udp-hole-punching` | 禁用UDP打洞功能 [env: ET_DISABLE_UDP_HOLE_PUNCHING=] | +| `--relay-all-peer-rpc` | 转发所有对等节点的RPC数据包,即使对等节点不在转发网络白名单中。 [env: ET_RELAY_ALL_PEER_RPC=] | +| `--socks5` | 启用 socks5 服务器,允许 socks5 客户端访问虚拟网络。格式: `<端口>`,例如:`1080` [env: ET_SOCKS5=] | +| `--compression` | 要使用的压缩算法,支持 `none`、`zstd`。默认为 `none` [env: ET_COMPRESSION=] | +| `--bind-device` | 将连接器的套接字绑定到物理设备以避免路由问题。 [env: ET_BIND_DEVICE=] | +| `--enable-kcp-proxy` | 使用 KCP 代理 TCP 流,提高在 UDP 丢包网络上的延迟和吞吐量。 [env: ET_ENABLE_KCP_PROXY=] | +| `--disable-kcp-input` | 不允许其他节点使用 KCP 代理 TCP 流到此节点。 [env: ET_DISABLE_KCP_INPUT=] | +| `--enable-quic-proxy` | 使用 QUIC 代理 TCP 流,提高在 UDP 丢包网络上的延迟和吞吐量。 [env: ET_ENABLE_QUIC_PROXY=] | +| `--disable-quic-input` | 不允许其他节点使用 QUIC 代理 TCP 流到此节点。 [env: ET_DISABLE_QUIC_INPUT=] | +| `--port-forward` | 将本地端口转发到虚拟网络中的远程端口。例如:`udp://0.0.0.0:12345/10.126.126.1:23456` [env: ET_PORT_FORWARD=] | +| `--accept-dns` | 如果为true,则启用魔法DNS。使用魔法DNS,您可以使用域名访问其他节点,例如:`.et.net` [env: ET_ACCEPT_DNS=] | +| `--private-mode` | 如果为true,则不允许使用了与本网络不相同的网络名称和密码的节点通过本节点进行握手或中转 [env: ET_PRIVATE_MODE=] | +| `--foreign-relay-bps-limit` | 限制转发流量的带宽 [env: ET_FOREIGN_RELAY_BPS_LIMIT=] | +| `--console-log-level` | 控制台日志级别 [env: ET_CONSOLE_LOG_LEVEL=] | +| `--file-log-level` | 文件日志级别 [env: ET_FILE_LOG_LEVEL=] | +| `--file-log-dir` | 存储日志文件的目录 [env: ET_FILE_LOG_DIR=] | + +--- + +更多配置项请参考 `easytier-core --help` 输出。 + +--- diff --git a/guide/network/decentralized-networking.md b/guide/network/decentralized-networking.md index 1eaa8b2..b28afbb 100644 --- a/guide/network/decentralized-networking.md +++ b/guide/network/decentralized-networking.md @@ -4,71 +4,89 @@ EasyTier 是去中心化的,不区分服务器和客户端,只要一个设备可以与虚拟网中任意一个节点通信,就可以加入虚拟网。 -## 双节点组网 +## 双节点组网 {#two-nodes} -假设双节点的网络拓扑如下 +假设双节点的网络拓扑如下: ```mermaid flowchart LR - -subgraph 节点 A IP 22.1.1.1 -nodeA[EasyTier
10.144.144.1] +subgraph 节点 A [物理网卡IP: 22.1.1.1] + nodeA[EasyTier
虚拟 IP: 10.144.144.1] end - -subgraph 节点 B IP 33.1.1.1 -nodeB[EasyTier
10.144.144.2] +subgraph 节点 B [物理网卡IP: 33.1.1.1] + nodeB[EasyTier
虚拟 IP: 10.144.144.2] end - nodeA <-----> nodeB - ``` -1. 在节点 A 上执行: +### 步骤 + +1. 在节点 A 上运行以下命令: ```sh sudo easytier-core -i 10.144.144.1 ``` -2. 在节点 B 执行 + - `-i` 指定虚拟网的 IP 地址。 + + 该节点启动后会默认监听以下端口: + + | 协议 | 默认端口 | + | ------------- | ----------- | + | TCP | 11010 (TCP) | + | UDP | 11010 (UDP) | + | WebSocket | 11011 (TCP) | + | WebSocket SSL | 11012 (TCP) | + | WireGuard | 11013 (UDP) | + + 可以通过 `-l` 参数指定监听端口,例如: + + | 参数示例 | 说明 | + | --------------------------- | -------------------------------------------------------------------------------------------------------------------------- | + | `-l 12345` | 将端口的基准端口改为 12345,则监听端口为:TCP: 12345, UDP: 12345, WebSocket: 12346, WebSocket SSL: 12347, WireGuard: 12348 | + | `-l tcp:11010 -l udp:11011` | 将 TCP 端口改为 11010,UDP 端口改为 11011,仅监听这两个端口。支持的协议有 `tcp`、`udp`、`ws`、`wss`、`wg` | + | `--no-listener` | 禁止监听端口,会影响非打洞连接的建立。 | + +2. 在节点 B 上运行以下命令: ```sh sudo easytier-core -d -p udp://22.1.1.1:11010 ``` - 其中 `-d` 代表 DHCP 模式,EasyTier 会自动获取一个 IP 地址。 + - `-d` 表示 DHCP 模式,自动分配虚拟 IP。 + - `-p` 指定节点 A 的公网地址和端口。 + ## 三节点组网 -基于刚才的双节点组网例子,第三个节点 C 如果要加入虚拟网,既可以连接到节点 A,也可以连接到节点 B。 +基于双节点组网,第三个节点 C 可以连接到节点 A 或节点 B 加入虚拟网。 -假设通过连接到节点 A 组网,网络拓扑如下: +假设通过连接到节点 A 组网,网络拓扑如下: ```mermaid - flowchart LR - -subgraph 节点 A IP 22.1.1.1 -nodeA[EasyTier
10.144.144.1] +subgraph 节点 A [物理网卡IP: 22.1.1.1] + nodeA[EasyTier
虚拟 IP: 10.144.144.1] end - -subgraph 节点 C -nodeC[EasyTier
10.144.144.3] +subgraph 节点 C [新加入] + nodeC[EasyTier
虚拟 IP: 10.144.144.3] end - -subgraph 节点 B IP 33.1.1.1 -nodeB[EasyTier
10.144.144.2] +subgraph 节点 B [物理网卡IP: 33.1.1.1] + nodeB[EasyTier
虚拟 IP: 10.144.144.2] end - nodeA <-----> nodeB - nodeC <-----> nodeA - ``` -在节点 C 上执行: +### 步骤 -```sh -sudo easytier-core -d -p udp://22.1.1.1:11010 -``` +1. 在节点 C 上运行以下命令: + + ```sh + sudo easytier-core -d -p udp://22.1.1.1:11010 + ``` + + - `-d` 表示 DHCP 模式,自动分配虚拟 IP。 + - `-p` 指定节点 A 的公网地址和端口。 -随后 C 即可与 A 和 B 通过虚拟网通信。 +随后节点 C 即可与节点 A 和节点 B 通过虚拟网通信。 diff --git a/guide/network/fast-networking.md b/guide/network/fast-networking.md deleted file mode 100644 index 1386868..0000000 --- a/guide/network/fast-networking.md +++ /dev/null @@ -1,199 +0,0 @@ -# 快速组网 - -## 利用共享节点组网 - -当你没有公网 IP 时,可以使用 EasyTier 社区提供的免费共享节点快速组网。节点间成功组网后,会自动尝试 NAT 穿透并建立 P2P 连接,在成功 P2P 之前,共享节点会帮助转发数据。 - -注意:在 Easytier 中只有节点的概念,以下的共享节点可以理解为中心化组网中的公共服务器。 - -假设有两个节点 A 和 B: - -1. 在节点 A 上执行以下命令: - - ```sh - sudo easytier-core -i 10.144.144.1 --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 - ``` - - > `-i` 代表指定虚拟网 IPv4 地址,默认 /24 网段; - > - > 例如:10.0.0.1/8 172.16.0.1/16 192.168.0.1/24; - > - > 注意:目前 Easytier 没有虚拟 IPv6 地址(意义不大); - > - > `--network-name` 和 `--network-secret` 为网络名和网络密钥; - > - > 可以使用 Unicode 字符,例如 --network-name 测试 --network-secret 测试 ; - > - > `-p` 代表指定节点地址,此处使用官方的共享节点。 - > - > 也可使用其他地址,如 Easytier 公共服务器列表中的地址。 - > - -::: warning 注意 -由于默认使用的是 Easytier 官方的公共节点,服务器压力过大经常会造成延迟高、无法组网等问题,建议使用其他[公共节点](https://easytier.gd.nkbpal.cn/status/easytier)来组网。 -此外在 Easytier 中 network-name 的优先级是最高的,对于每一个节点来说,只能有一个名称相同的 network-name 。 -::: - -3. 在节点 B 上执行 - - ```sh - sudo easytier-core -d --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 - ``` - - > `-d` 代表 DHCP 模式,EasyTier 会自动获取一个虚拟 IP 地址。 - > - > 注意:在该例子中,由于没有公网 IP ,在进行组网时,请使用相同的公共服务器进行组网。 - > - > 如果您想在节点 A 和 节点 B 上使用不同的共享节点进行组网,请参考本节的 Easytier 集群功能。 - -4. 测试是否组网成功 - - 测试两个节点是否成功连接并能够在虚拟子网内通信,可以在节点 B 上执行以下命令进行测试。 - - ```sh - ping 10.144.144.1 - ``` - -::: warning 注意 -一般来说系统默认开启防火墙并会阻止入站流量,很大概率会导致虚拟 IP 无法 ping 通或无法访问各种服务,需要手动关闭防火墙或添加规则放行。 -::: - -## 查看虚拟网络状态 - -easytier-core 成功启动后,可以使用 easytier-cli 进行管理。 - -- 可执行以下命令来查看虚拟网中的节点信息 - -```sh -easytier-cli peer -``` - -| ipv4 | hostname | cost | lat_ms | loss_rate | rx_bytes | tx_bytes | tunnel_proto | nat_type | id | -| :----------- | :------- | :--- | :----- | :-------- | :------- | :------- | :----------- | :------- | :-------- | -| 10.144.144.1 | abc-dec | 1 | 3.452 | 0 | 17.33kB | 20.42kB | udp | FullCone | 390879727 | - -- 查看虚拟网路由信息 - -```sh -easytier-cli route -``` - -| ipv4 | hostname | proxy_cidrs | next_hop_ipv4 | next_hop_hostname | next_hop_lat | cost | -| :----------- | :------- | :---------- | :------------ | :---------------- | :----------- | :--- | -| 10.144.144.1 | abc-dec | | DIRECT | | 3.646 | 1 | - -- 查看本节点的信息 - -```sh -easytier-cli node -``` - -``` -┌───────────────┬──────────────────────┐ -│ Virtual IP │ 10.144.144.1 │ -├───────────────┼──────────────────────┤ -│ Hostname │ archlinux-base │ -├───────────────┼──────────────────────┤ -│ Proxy CIDRs │ 10.147.223.0/24 │ -├───────────────┼──────────────────────┤ -│ Peer ID │ 2616333191 │ -├───────────────┼──────────────────────┤ -│ Public IP │ 75.52.125.26 │ -├───────────────┼──────────────────────┤ -│ UDP Stun Type │ FullCone │ -├───────────────┼──────────────────────┤ -│ Listener 1 │ tcp://0.0.0.0:11010 │ -├───────────────┼──────────────────────┤ -│ Listener 2 │ udp://0.0.0.0:11010 │ -├───────────────┼──────────────────────┤ -│ Listener 3 │ wg://0.0.0.0:11011 │ -├───────────────┼──────────────────────┤ -│ Listener 4 │ ws://0.0.0.0:11011/ │ -├───────────────┼──────────────────────┤ -│ Listener 5 │ wss://0.0.0.0:11012/ │ -├───────────────┼──────────────────────┤ -│ Listener 6 │ udp://[::]:37039 │ -└───────────────┴──────────────────────┘ -``` - -## 同时使用多个共享节点组网 - -为了避免单个共享节点故障导致虚拟网不可用,可以同时连接到多个共享节点。只需要指定多个 -p 参数即可,如:`-p tcp://1.1.1.1:11010 -p udp://1.1.1.2:11011`。虚拟网中每个节点最好指定相同的共享节点列表。 - -这依赖了 EasyTier 所支持的共享节点集群功能,假设有 A 和 B 两个共享节点,这两个共享节点互联组成集群。当 C 和 D 希望组网时,C 和 D 可以同时连接到 A 和 B,这样即使 A 或 B 故障,C 和 D 之间依然可以通信。组网模式如图所示: - -```mermaid - -flowchart LR - -subgraph 节点 C -nodeC[节点 C
网络名: abc] -end - -subgraph 共享节点 A -nodeA[共享节点 A
网络名: Public] -end - -subgraph 共享节点 B -nodeB[共享节点 B
网络名: Public] -end - -subgraph 节点 D -nodeD[节点 D
网络名: abc] -end - -nodeA <-----> nodeB - -nodeC <-----> nodeA -nodeC <-----> nodeB - -nodeA <-----> nodeD -nodeB <-----> nodeD - -``` - -即使出现网络分区,C 因为某种原因只能连接到 A,D 因为某种原因只能连接到 B,C 和 D 之间依然可以通信,即两端使用了不同的共享节点依然能够进行组网。 - -```mermaid - -flowchart LR - -subgraph 节点 C -nodeC[节点 C
网络名: abc] -end - -subgraph 共享节点 A -nodeA[共享节点 A
网络名: Public] -end - -subgraph 共享节点 B -nodeB[共享节点 B
网络名: Public] -end - -subgraph 节点 D -nodeD[节点 D
网络名: abc] -end - -nodeA <-----> nodeB - -nodeC <-----> nodeA - -nodeB <-----> nodeD - -``` - -## 同时加入/组建多个虚拟网络 - -EasyTier 支持在同一个设备上同时运行多个进程,每个进程启动时使用不同参数即可加入不同的虚拟网。 -需要注意,多个虚拟网的虚拟 IP 网段不应该重叠,否则会导致路由冲突。 - -另外,启动多个 EasyTier 实例时,需要指定不同的监听器端口,否则会导致端口冲突。 - -比如可以使用如下命令启动两个 EasyTier 进程: - -```sh -sudo easytier-core --network-name net1 -p tcp://public.easytier.cn:11010 -l 11010 -sudo easytier-core --network-name net2 -p tcp://public.easytier.cn:11010 -l 21010 -``` - -> `-l` 代表指定监听器端口。 diff --git a/guide/network/host-public-server.md b/guide/network/host-public-server.md index a5a8b76..c002e81 100644 --- a/guide/network/host-public-server.md +++ b/guide/network/host-public-server.md @@ -21,3 +21,13 @@ EasyTier 可以做到不转发其他虚拟网的网络包,而是只帮助他 ``` easytier-core --relay-network-whitelist --relay-all-peer-rpc ``` + +## 私有模式 + +如果你希望 EasyTier 仅在你的虚拟网络中提供服务,而不希望其他虚拟网的节点连接到你的节点,可以使用 `--private-mode true` 参数启动 EasyTier。 + +``` +sudo easytier-core --private-mode true --network-name my-network --network-secret my-secret +``` + +这会仅允许网络名为 `my-network` 且密钥为 `my-secret` 的节点连接到该 EasyTier 节点。 \ No newline at end of file diff --git a/guide/network/kcp-proxy.md b/guide/network/kcp-proxy.md index 427ed45..ab191f1 100644 --- a/guide/network/kcp-proxy.md +++ b/guide/network/kcp-proxy.md @@ -2,53 +2,85 @@ EasyTier 一般使用 UDP 协议进行数据传输虚拟网的 IP 数据包。但是某些运营商会对 UDP 协议进行限制,导致 UDP 有较高的丢包率,影响虚拟网内 TCP 协议的传输速度。 -为了解决此问题,EasyTier 提供 KCP 代理功能,可以代理虚拟网内的 TCP 链接,并转换为 KCP 协议进行传输。 -由于 KCP 有更激进的重传机制,可以有效降低丢包率,提高虚拟网内的 TCP 传输速度。 +为了解决此问题,EasyTier 提供 KCP 代理功能,可以代理虚拟网内的 TCP 链接,并转换为 KCP 协议进行传输。由于 KCP 有更激进的重传机制,可以有效降低丢包率,提高虚拟网内的 TCP 传输速度。 -```mermaid +## 网络拓扑 + +假设网络拓扑如下: +```mermaid graph LR - A[应用客户端] -->|TCP| B(EasyTier
A 节点) - B -->|KCP over UDP| C(EasyTier
B 节点) + A[应用客户端] -->|TCP| B(EasyTier
A 节点) + B -->|KCP over UDP| C(EasyTier
B 节点) C -->|TCP| D[应用服务端] - classDef endpoint fill:#c1f0c1,stroke:#2d882d - classDef easy fill:#b3d9ff,stroke:#0066cc - classDef transport stroke:#ff6666,stroke-width:2px + classDef endpoint fill:#1e90ff,stroke:#ffffff,color:#ffffff + classDef easy fill:#4682b4,stroke:#ffffff,color:#ffffff + classDef transport stroke:#ffa500,stroke-width:2px class A,D endpoint class B,C easy - linkStyle 1 stroke:#ff6666,stroke-width:2px,stroke-dasharray:5 5 + linkStyle 1 stroke:#ffa500,stroke-width:2px,stroke-dasharray:5 5 style B stroke-width:2px style C stroke-width:2px - ``` ## 使用 KCP 代理 -KCP 代理功能需要虚拟网内 **所有节点** 的 EasyTier 版本在 v2.2.0 以上。 +### 启用 KCP 代理 假设想将 A 节点上的 TCP 流量代理为 KCP 协议,只需要在 A 节点上启动 EasyTier 时指定 `--enable-kcp-proxy` 参数即可。 +```sh +sudo easytier-core --enable-kcp-proxy +``` + +- `--enable-kcp-proxy` 启用 KCP 代理功能。 + KCP 代理会保证版本兼容性,如果发现对端节点不支持 KCP 代理,会自动切换回 TCP 协议。 + +### 切换到用户态网络栈 + KCP 代理默认使用内核的网络栈,可能由于系统防火墙设置导致无法正常工作。可以尝试结合 `--use-smoltcp` 参数,切换到用户态网络栈。 -## 禁用 KCP 入站 +```sh +sudo easytier-core --enable-kcp-proxy --use-smoltcp +``` + +- `--use-smoltcp` 切换到用户态网络栈。 + + +### 禁用 KCP 入站 如果不希望发往某个节点的流量使用 KCP 协议,可以在对端节点上启动 EasyTier 时指定 `--disable-kcp-input` 参数。 -以简介中的例子为例,如果不希望 B 节点接收 KCP 流量,可以在 B 节点上启动 EasyTier 时指定 `--disable-kcp-input` 参数。这样即使 A 节点启用了 KCP 代理,A 节点发往 B 节点的流量依然使用 TCP 协议。 +以简介中的例子为例,如果不希望 B 节点接收 KCP 流量,可以在 B 节点上启动 EasyTier 时指定以下命令: + +```sh +sudo easytier-core --disable-kcp-input +``` + +- `--disable-kcp-input` 禁用 KCP 入站流量。 + +这样即使 A 节点启用了 KCP 代理,A 节点发往 B 节点的流量依然使用 TCP 协议。 + ## 网对网 KCP 支持 假设节点 A 是路由器,A 下的子网访问 EasyTier 其他节点本身或者其他代理子网时,也可以使用 KCP 代理,但是需要 A 节点使用用户态网络栈即 `--use-smoltcp` 参数。 + +```sh +sudo easytier-core --enable-kcp-proxy --use-smoltcp +``` + 否则仍会使用 TCP 协议。 + ## 查看 KCP 代理状态 -可以通过 EasyTier Cli 工具查看 KCP 代理的链接的状态。 +可以通过 EasyTier CLI 工具查看 KCP 代理的链接状态。 ```bash $ easytier-cli proxy @@ -63,3 +95,36 @@ $ easytier-cli proxy │ 0.0.0.0:0 │ 10.147.223.1:80 │ 2025-02-07 10:41:18 UTC │ Connected │ Kcp │ └────────────────────┴───────────────────┴─────────────────────────┴───────────┴────────────────┘ ``` + +## QUIC 代理 + +EasyTier v2.3.2 版本引入了 QUIC 代理的支持,原理与 KCP 代理类似,但 QUIC 的 BBR 算法可以在高丢包环境下达到更高的带宽(KCP 代理则可显著降低延迟,但可以达到的带宽上限较低)。 + +QUIC 代理可以通过在链接发起端通过 `--enable-quic-proxy` 参数启用。 + +```sh +sudo easytier-core --enable-quic-proxy +``` + +接收端的 QUIC 代理可以通过 `--disable-quic-input` 参数禁用。 + +```sh +sudo easytier-core --disable-quic-input +``` + +发送端和接收端可以通过 `easytier-cli proxy` 命令查看 QUIC 代理的链接状态。 + +```bash +$ easytier-cli proxy +┌────────────────────┬───────────────────┬─────────────────────────┬───────────┬────────────────┐ +│ src │ dst │ start_time │ state │ transport_type │ +├────────────────────┼───────────────────┼─────────────────────────┼───────────┼────────────────┤ +│ 10.126.126.7:51838 │ 10.147.223.128:22 │ 2025-02-07 10:39:08 UTC │ Connected │ Quic │ +└────────────────────┴───────────────────┴─────────────────────────┴───────────┴────────────────┘ +``` + +::: tip 提示 +QUIC 和 KCP 代理可以同时启用,但是 KCP 代理会优先于 QUIC 代理生效。 + +在同时启用后,仅在目的端关闭 KCP 输入后,QUIC 代理才会生效。 +::: diff --git a/guide/network/magic-dns.md b/guide/network/magic-dns.md new file mode 100644 index 0000000..5380d9f --- /dev/null +++ b/guide/network/magic-dns.md @@ -0,0 +1,17 @@ +# 魔法 DNS + +EasyTier 支持类似 Tailscale 的魔法 DNS 功能,允许用户通过域名访问其他节点,无需记住虚拟 IP 地址。只要在启动时加入 `--accept-dns` 参数即可启用魔法 DNS 功能。 + +魔法 DNS 默认使用 `100.100.100.101` 作为 DNS 服务器地址,可以 `ping` 该地址测试魔法 DNS 是否成功启用。 + +假设魔法 DNS 启用成功,节点 A 的主机名为 `node-a`,则其他节点可以通过 `node-a.et.net` 访问节点 A。 + +```sh +ping node-a.et.net +``` + +主机名支持中文。 + +::: tip 注意 +魔法 DNS 目前仅支持在 Windows 和 MacOS 上自动配置系统 DNS,Linux 上需要手动配置 DNS 服务器为 `100.100.100.101` 才可正常使用。 +::: diff --git a/guide/network/oneclick-install-as-service.md b/guide/network/oneclick-install-as-service.md new file mode 100644 index 0000000..c78826d --- /dev/null +++ b/guide/network/oneclick-install-as-service.md @@ -0,0 +1,79 @@ +# 一键注册服务 + +EasyTier Cli 提供注册服务命令,可以在大部分系统上一键将 EasyTier 注册为系统服务。注册后,EasyTier 会在系统启动时自动启动,并在后台运行。 + +使用该命令需要 `easytier-core` 和 `easytier-cli` 在同一目录下。进入该目录后,运行以下命令: + +::: code-group + +```sh [Linux] +# 假设 EasyTier 的启动参数为 -w abc +sudo ./easytier-cli service install -w abc +``` + +```powershell [Windows] +# 假设 EasyTier 的启动参数为 -w abc +.\easytier-cli.exe service install -w abc +``` + +::: + +`install` 后的部分会作为 `easytier-core` 的启动参数。 + +服务安装成功后,可以使用以下命令对服务进行管理: + +- 启动服务: + + ::: code-group + + ```sh [Linux] + sudo ./easytier-cli service start + ``` + + ```powershell [Windows] + .\easytier-cli.exe service start + ``` + + ::: + +- 停止服务: + + ::: code-group + + ```sh [Linux] + sudo ./easytier-cli service stop + ``` + + ```powershell [Windows] + .\easytier-cli.exe service stop + ``` + + ::: + +- 查看状态: + + ::: code-group + + ```sh [Linux] + sudo ./easytier-cli service status + ``` + + ```powershell [Windows] + .\easytier-cli.exe service status + ``` + + ::: + +- 卸载服务: + + ::: code-group + + ```sh [Linux] + sudo ./easytier-cli service uninstall + ``` + + ```powershell [Windows] + .\easytier-cli.exe service uninstall + ``` + + ::: diff --git a/guide/network/p2p-optimize.md b/guide/network/p2p-optimize.md index 51c11a2..fc67b48 100644 --- a/guide/network/p2p-optimize.md +++ b/guide/network/p2p-optimize.md @@ -4,10 +4,11 @@ ## IPv6 -EasyTier 支持节点间通过 IPv6 进行 P2P 通信,默认 EasyTier 会随机监听一个 IPv6 UDP 端口。 +EasyTier 支持节点间通过 IPv6 进行 P2P 通信,默认 EasyTier 在每个监听器上同时监听 IPv4 和 IPv6 地址。 -在某些情况下,指定监听 IPv6 地址和端口可能更有利于节点间的 P2P 通信。 -可以使用 `-l` 配置 IPv6 的监听器。 例如: +只要监听器监听地址为 `0.0.0.0` EasyTier 就会自动监听 IPv6 地址,该行为可以通过 `--disable-ipv6` 参数禁用。 + +也可以手动配置仅监听 IPv6 地址。 例如: ```sh easytier-core -l 'tcp://[::]:12345' -l 'udp://[::]:12345' diff --git a/guide/network/point-to-networking.md b/guide/network/point-to-networking.md index eba3829..9a9c0c4 100644 --- a/guide/network/point-to-networking.md +++ b/guide/network/point-to-networking.md @@ -1,4 +1,4 @@ -# 子网代理(点对网) +# 子网代理 假设网络拓扑如下,节点 B 想将其可访问的子网 10.1.1.0/24 共享给其他节点。 @@ -52,17 +52,16 @@ easytier-core -n 10.1.1.0/24 -n 10.2.0.0/16 -n 10.3.3.3/32 ::: -## 手工指定路由 -默认情况下,当虚拟网中的某个节点配置了子网代理后,子网代理的网段会被同步到虚拟网内的所有节点上,并自动生成一条路由,将发往这些网段的数据包交由虚拟网处理。 +## 防火墙 -这在大部分情况下可以简化组网,但在有些场景下,用户可能并不希望 EasyTier 在节点上自动配置路由,用户可通过 `--manual-routes` 参数手工配置需要转发到虚拟网的流量。 +由于代理流量需要用到系统的网络栈,因此子网代理需要关闭在虚拟网卡上的防火墙。 -使用 `--manual-routes` 后,只有该参数配置的网段才会进入虚拟网,如果该参数后的列表为空,则 EasyTier 不会处理任何非虚拟网网段的流量。 +- 在 Windows 上,可以将 `easytier-core.exe` 添加到防火墙的例外列表中或者直接关闭防火墙。 -## 防火墙 +- 在 Linux 上,可以使用 `iptables` 或 `ufw` 来放行虚拟网卡上的 INPUT 和 OUTPUT 流量。 -由于代理流量需要用到系统的网络栈,因此子网代理需要关闭在虚拟网卡上的防火墙(Linux 和 Windows 皆是如此)。 +- 在 OpenWrt 上,可以在 LUCI 界面上放行虚拟网卡流量。 如果无法关闭防火墙,可以尝试用用户态的网络栈做子网代理,可以免去配置防火墙的步骤。只需要在启动 EasyTier 时添加 `--use-smoltcp` 参数即可。 @@ -74,6 +73,42 @@ easytier-core -n 10.1.1.0/24 -n 10.2.0.0/16 -n 10.3.3.3/32 ::: +## 手工指定路由 + +默认情况下,当虚拟网中的某个节点配置了子网代理后,子网代理的网段会被同步到虚拟网内的所有节点上,并自动生成一条路由,将发往这些网段的数据包交由虚拟网处理。 + +这在大部分情况下可以简化组网,但在有些场景下,用户可能并不希望 EasyTier 在节点上自动配置路由,用户可通过 `--manual-routes` 参数手工配置需要转发到虚拟网的流量。 + +使用 `--manual-routes` 后,只有该参数配置的网段才会进入虚拟网,如果该参数后的列表为空,则 EasyTier 不会处理任何非虚拟网网段的流量。例如: + +```sh +sudo easytier-core --ipv4 10.144.144.2 -n 10.1.1.0/24 --manual-routes 10.1.1.0/24 +``` + +`--manual-routes` 可以多次指定,来配置多个网段,格式与 `-n` 参数相同。 + +则该节点上仅会将 10.1.1.0/24 网段的流量交由虚拟网处理,其他网段的流量不会进入虚拟网。 + +## 网段映射 + +假设有如下场景:A 节点和 B 节点在内部网络中都有 `192.168.1.0/24` 的子网(网段相同但是物理网络不同),若 A、B 两节点希望对该网段进行代理,则需要将该网段映射到不同的虚拟网段上。 + +以下命令 A 节点将 `192.168.1.0/24` 映射到 `10.1.1.0/24`,B 节点将 `192.168.1.0/24` 映射到 `10.2.2.0/24`。 + +```sh +# 在节点 A 上运行 +sudo easytier-core --ipv4 10.144.144.1 -n '192.168.1.0/24->10.1.1.0/24' + +# 在节点 B 上运行 +sudo easytier-core --ipv4 10.144.144.2 -n '192.168.1.0/24->10.2.2.0/24' +``` + +虚拟网内其他节点,可以通过访问 `10.1.1.X` 来访问 A 节点代理的 `192.168.1.X`;通过访问 `10.2.2.X` 来访问 B 节点代理的 `192.168.1.X`。 + +::: warning 注意 +映射后的网段大小必须与原网段大小相同,否则会导致 EasyTier 启动失败。 +::: + ## 禁用内置NAT 默认情况下,子网代理中启用了内置 NAT,在用户态处理数据包转发,使非网关设备也能成为子网入口,同时规避了不同操作系统上对于数据包转发的限制。 @@ -82,4 +117,7 @@ easytier-core -n 10.1.1.0/24 -n 10.2.0.0/16 -n 10.3.3.3/32 需要注意当该选项启用后,子网代理的数据包转发将完全依赖于操作系统,请确认操作系统的防火墙、转发规则、路由规则等配置正确。 ---- + +## 网对网 + +A 节点下的子网和 B 节点下的子网互相访问称为网对网, 网对网的配置请参考章节 [网对网](network-to-network)。 diff --git a/guide/network/quick-networking.md b/guide/network/quick-networking.md new file mode 100644 index 0000000..23f8a7b --- /dev/null +++ b/guide/network/quick-networking.md @@ -0,0 +1,226 @@ +# 快速组网 + +## 利用共享节点组网 + +当没有公网 IP 时,可使用 EasyTier 社区提供的免费共享节点快速组网。节点间会自动尝试 NAT 穿透并建立 P2P 连接,P2P 失败时由共享节点中转数据。 + +通过以下步骤可以构建一个简单的双节点虚拟网络: + +```mermaid +flowchart LR + S[公共共享节点] + +subgraph 虚拟网 abc + A[节点A] + B[节点B] +end + +A -->|连接| S +B -->|连接| S +A <-.->|P2P直连| B +``` + +### 步骤示例 + +假设有两个节点 A 和 B: + +#### 1. 在节点 A 上运行 + +::: code-group + +```sh [Linux] +# 管理员权限运行 +./easytier-core -d --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 +``` + +```powershell [Windows] +# 管理员权限运行 +.\easytier-core.exe -d --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 +``` + +::: + +- `-d` 自动分配虚拟 IP,默认分配 `10.126.126.0/24` 网段,可使用 `-i 10.11.11.0/24` 指定其他虚拟 IP。 +- `--network-name` 指定虚拟网络名称(支持中文)。注意:若与其他用户网络名冲突,可能导致组网失败。 +- `--network-secret` 指定虚拟网络的密码,用于保护网络安全。 +- `-p` 指定节点地址,此处为官方共享节点,也可用[其他公共节点](https://easytier.gd.nkbpal.cn/status/easytier) + +#### 2. 在节点 B 上运行 + +::: code-group + +```sh [Linux] +# 管理员权限运行 +./easytier-core -d --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 +``` + +```powershell [Windows] +# 管理员权限运行 +.\easytier-core.exe -d --network-name abc --network-secret abc -p tcp://public.easytier.cn:11010 +``` + +::: + +- `-d` 表示 DHCP 模式,自动分配虚拟 IP +- `-p` 需指定与节点 A 使用相同的共享节点 + +#### 3. 测试组网 + +在节点 B 上测试与节点 A 的连通性: + +```sh +ping 10.126.126.1 +ping 10.126.126.2 +``` + +::: warning 注意 +如无法 ping 通,可能是防火墙阻止入站流量。请关闭防火墙或添加放行规则。 +::: + +#### 4. 加入更多节点 + +可以继续在其他节点上运行相同命令,加入同一虚拟网络。 + +## 查看虚拟网络状态 + +EasyTier 启动后,可用 easytier-cli 管理和查看状态。 + +- 查看虚拟网中的节点信息: + +```sh +easytier-cli peer +``` + +--- + +| ipv4 | hostname | cost | lat_ms | loss_rate | rx_bytes | tx_bytes | tunnel_proto | nat_type | id | +| :----------- | :------- | :--- | :----- | :-------- | :------- | :------- | :----------- | :------- | :-------- | +| 10.144.144.1 | abc-dec | 1 | 3.452 | 0 | 17.33kB | 20.42kB | udp | FullCone | 390879727 | + +- 查看虚拟网路由信息: + +```sh +easytier-cli route +``` + +--- + +| ipv4 | hostname | proxy_cidrs | next_hop_ipv4 | next_hop_hostname | next_hop_lat | cost | +| :----------- | :------- | :---------- | :------------ | :---------------- | :----------- | :--- | +| 10.144.144.1 | abc-dec | | DIRECT | | 3.646 | 1 | + +- 查看本节点信息: + +```sh +easytier-cli node +``` + +--- + +::: details 输出示例 + +``` +┌───────────────┬──────────────────────┐ +│ Virtual IP │ 10.144.144.1 │ +├───────────────┼──────────────────────┤ +│ Hostname │ archlinux-base │ +├───────────────┼──────────────────────┤ +│ Proxy CIDRs │ 10.147.223.0/24 │ +├───────────────┼──────────────────────┤ +│ Peer ID │ 2616333191 │ +├───────────────┼──────────────────────┤ +│ Public IP │ 75.52.125.26 │ +├───────────────┼──────────────────────┤ +│ UDP Stun Type │ FullCone │ +├───────────────┼──────────────────────┤ +│ Listener 1 │ tcp://0.0.0.0:11010 │ +├───────────────┼──────────────────────┤ +│ Listener 2 │ udp://0.0.0.0:11010 │ +├───────────────┼──────────────────────┤ +│ Listener 3 │ wg://0.0.0.0:11011 │ +├───────────────┼──────────────────────┤ +│ Listener 4 │ ws://0.0.0.0:11011/ │ +├───────────────┼──────────────────────┤ +│ Listener 5 │ wss://0.0.0.0:11012/ │ +├───────────────┼──────────────────────┤ +│ Listener 6 │ udp://[::]:37039 │ +└───────────────┴──────────────────────┘ +``` + +::: + +--- + +## 同时使用多个共享节点组网 + +为提升可用性,可同时连接多个共享节点,只需指定多个 `-p` 参数: + +```sh +-p tcp://1.1.1.1:11010 -p udp://1.1.1.2:11011 +``` + +建议所有节点指定相同的共享节点列表。 + +### 组网原理示意 + +下图展示了多个共享节点集群下的组网模式: + +```mermaid +flowchart LR +subgraph 共享节点 + nodeA[共享节点 A
网络名: Public] + nodeB[共享节点 B
网络名: Public] +end +subgraph 节点 C + nodeC[节点 C
网络名: abc] +end +subgraph 节点 D + nodeD[节点 D
网络名: abc] +end +nodeA <--> nodeB +nodeC <--> 共享节点 +nodeD <--> 共享节点 +``` + +即使出现网络分区,C 只能连到 A,D 只能连到 B,C 和 D 依然可通信: + +```mermaid +flowchart LR +subgraph 节点 C + nodeC[节点 C
网络名: abc] +end +subgraph 共享节点 + nodeA[共享节点 A
网络名: Public] + nodeB[共享节点 B
网络名: Public] +end +subgraph 节点 D + nodeD[节点 D
网络名: abc] +end +nodeA <--> nodeB +nodeC <--> nodeA +nodeB <--> nodeD +``` + +--- + +## 同时加入/组建多个虚拟网络 + +EasyTier 支持同一设备运行多个进程,每个进程加入不同虚拟网。注意: +- 不同虚拟网的虚拟 IP 网段不能重叠,否则路由冲突; +- 启动多个实例时需指定不同监听端口,否则端口冲突。 + +示例: + +```sh +# 管理员权限运行 +./easytier-core --network-name net1 -p tcp://public.easytier.cn:11010 -l 11010 +./easytier-core --network-name net2 -p tcp://public.easytier.cn:11010 -l 21010 +``` + +- `-l` 指定监听端口。 + +--- + +## 搭建共享节点 + +如果希望搭建自己的共享节点,可以参考 [搭建共享节点](host-public-server) 文档。 diff --git a/guide/network/use-easytier-with-wireguard-client.md b/guide/network/use-easytier-with-wireguard-client.md index 61ff54a..b5e16a3 100644 --- a/guide/network/use-easytier-with-wireguard-client.md +++ b/guide/network/use-easytier-with-wireguard-client.md @@ -1,37 +1,46 @@ # 使用 WireGuard 客户端接入 -EasyTier 可以用作 WireGuard 服务端,让任意安装了 WireGuard 客户端的设备访问 EasyTier 网络。对于目前 EasyTier 不支持的平台 (如 iOS),可以使用这种方式接入 EasyTier 网络。 +EasyTier 可以用作 WireGuard 服务端,让任意安装了 WireGuard 客户端的设备访问 EasyTier 网络。对于目前 EasyTier 不支持的平台(如 iOS),可以使用这种方式接入 EasyTier 网络。 -假设网络拓扑如下: + +## 网络拓扑 + +假设网络拓扑如下,A 节点和 B 节点使用网 [双节点组网](decentralized-networking#two-nodes) 方式组网,并且 B 节点通过 [子网代理](point-to-networking) 代理了 `10.1.1.0/24` 子网。 ```mermaid flowchart LR +ios[[iPhone
安装 WireGuard]] -ios[[iPhone
安装 WireGuard]] - -subgraph 节点 A IP 22.1.1.1 -nodea[EasyTier
10.144.144.1] +subgraph 节点 A [公网 IP: 22.1.1.1] + nodea[EasyTier
虚拟 IP: 10.144.144.1] end subgraph 节点 B -nodeb[EasyTier
10.144.144.2] + nodeb[EasyTier
虚拟 IP: 10.144.144.2] end -id1[[10.1.1.0/24]] +id1[[子网
10.1.1.0/24]] ios <-.-> nodea <--> nodeb <-.-> id1 ``` -我们需要 iPhone 通过节点 A 访问 EasyTier 网络,则可进行如下配置: +我们需要 iPhone 通过节点 A 访问 EasyTier 网络,则可进行如下配置。 + -在节点 A 的 easytier-core 命令中,加入 --vpn-portal 参数,指定 WireGuard 服务监听的端口,以及 WireGuard 网络使用的网段。 +## 配置步骤 + +### 1. 配置节点 A + +在节点 A 的 `easytier-core` 命令中,加入 `--vpn-portal` 参数,指定 WireGuard 服务监听的端口,以及 WireGuard 网络使用的网段。 ```sh -# 以下参数的含义为: 监听 0.0.0.0:11013 端口,WireGuard 使用 10.14.14.0/24 网段 +# 以下参数的含义为:监听 0.0.0.0:11013 端口,WireGuard 使用 10.14.14.0/24 网段 sudo easytier-core --ipv4 10.144.144.1 --vpn-portal wg://0.0.0.0:11013/10.14.14.0/24 ``` -easytier-core 启动成功后,使用 easytier-cli 获取 WireGuard Client 的配置。 +### 2. 获取 WireGuard 客户端配置 + +`easytier-core` 启动成功后,使用 `easytier-cli` 获取 WireGuard 客户端的配置。 ```sh $> easytier-cli vpn-portal @@ -49,9 +58,24 @@ Endpoint = 0.0.0.0:11013 # should be the public ip of the easytier server connected_clients: [] - ``` -使用 Client Config 前,需要将 Interface Address 和 Peer Endpoint 分别修改为客户端的 IP 和 EasyTier 节点的 IP。将配置文件导入 WireGuard 客户端,即可访问 EasyTier 网络。 ---- +## 使用客户端配置 + +使用 Client Config 前,需要将以下字段修改为实际值: + +- **Interface Address**:修改为客户端的 IP,如 `10.14.14.1/24`,若接入多个 WireGuard 客户端,需确保每个客户端的 IP 不同。 +- **Peer Endpoint**:修改为 EasyTier 节点 A 的公网 IP 和端口 `22.1.1.11:11013`。 + +将配置文件导入 WireGuard 客户端,即可访问 EasyTier 网络。 + + +::: tip 提示 +如果需要支持多个客户端,可以在 `easytier-core` 的 `--vpn-portal` 参数中指定更大的网段,例如 `10.14.0.0/16`。 +::: + + +## 备注 + +WireGuard 客户端访问 EasyTier 虚拟网络的所有流量都会经过 EasyTier 节点 A,需要确保节点 A 的网络连接稳定,并且一般情况下需要 A 节点有公网 IP 才可以方便的使用。 diff --git a/guide/network/web-console.md b/guide/network/web-console.md index aaa6f8d..df3ad8d 100644 --- a/guide/network/web-console.md +++ b/guide/network/web-console.md @@ -11,17 +11,33 @@ EasyTier 支持使用 [Web 控制台](https://easytier.cn/web#/) 来管理 EasyT 如果希望 EasyTier 节点可以被 Web 控制台管理,需要在启动时指定 `--config-server` 或 `-w` 参数,例如: ```sh -./easytier-core -w <你的用户名> +sudo ./easytier-core -w <你的用户名> ``` > 请将 `<你的用户名>` 替换为你在 Web 控制台注册的用户名。 如果终端出现类似 “连接成功” 或 “已连接服务器” 的提示,则表示 Easytier Core 已成功连接到 Web 控制台的服务器。 +::: tip 提示 +Web 后端通过机器唯一码来识别设备和持久化配置,默认情况下 EasyTier 会自动从系统中获取机器唯一码。若机器码获取失败会导致重启后配置丢失,建议使用 `--machine-id` 参数指定机器码,例如: + +```sh +sudo ./easytier-core -w <你的用户名> --machine-id abc123 +``` + +请确保机器码在所有设备中唯一且不变。 **强烈建议 Docker 环境下手动指定机器码。** +::: + ::: danger 注意 一台机器只能有一个 EasyTier 进程被 Web 控制台管理,如果有多个进程可能会导致奇怪的问题。 ::: +::: tip 提示 + +可以通过 `--hostname <自定义主机名>` 参数指定控制台上显示的主机名。 + +::: + ## 使用 Web 控制台 使用刚才注册的用户名和密码登录 [Web 控制台](https://easytier.cn/web#/),登录成功后会看到节点列表。 diff --git a/index.md b/index.md index 9256b04..c5aba31 100644 --- a/index.md +++ b/index.md @@ -13,7 +13,7 @@ hero: actions: - theme: brand text: 快速开始 - link: /guide/installation + link: /guide/introduction - theme: alt text: 下载 link: /guide/download @@ -26,35 +26,32 @@ hero: features: - title: 去中心化 - details: 不区分客户端 / 服务端,无需依赖中心化服务,节点平等且独立。 + details: 节点平等独立,无需中心化服务。
不区分客户端/服务端。 link: /guide/network/decentralized-networking - title: 易用 - details: | - 支持通过 网页 / 客户端 / 命令行 多种方式使用,操作简单。 -
- 支持使用共享节点一键组网。 + details: 网页、客户端、命令行多方式操作
支持一键组网 link: /guide/network/web-console - title: 跨平台 - details: | - 支持 Windows / MacOS / Linux / FreeBSD / Android 等系统。 -
- 支持 X86 / ARM / MIPS 等硬件架构。 + details: 支持 Win / MacOS / Linux / FreeBSD / Android
兼容 X86 / ARM / MIPS 架构 link: /guide/download - title: 安全 - details: 支持 AES-GCM 或 WireGuard 加密保护中转流量,免受中间人攻击。 + details: AES-GCM 或 WireGuard 加密
防止中间人攻击 link: / - title: 高效 NAT 穿透 - details: 支持基于 UDP 的 NAT 穿透和 IPV6 穿透,在某些情况下可以打通 NAT4-NAT4 的网络。 + details: 支持 UDP、IPv6 穿透
可打通 NAT4-NAT4 网络 link: / - title: 子网代理 - details: 节点可以将其可访问的网段转发到虚拟网,允许其他节点通过该节点访问这些子网。 + details: 节点可共享子网供其他节点访问。 link: /guide/network/point-to-networking - title: 智能路由 - details: 支持延迟优先模式,自动选择最优路径,提供最佳的网络体验。 + details: 延迟优先,自动选路
提供最佳网络体验 link: /guide/network/configurations - title: 高性能 - details: 全链路零拷贝,性能与主流组网软件相当。
节点间通信支持 TCP / UDP / QUIC / WG 等多种协议。 + details: 全链路零拷贝
支持 TCP / UDP / WSS / WG 等协议 link: /guide/perf + - title: 抗 UDP 丢包 + details: KCP / QUIC 代理
优化高丢包环境下的延迟和带宽 + link: /guide/network/kcp-proxy --- ## 相关链接 @@ -64,15 +61,28 @@ features: - QQ 群:[949700262](https://qm.qq.com/q/wFoTUChqZW) - Telegram:https://t.me/easytier +## 鸣谢 + + + ## 赞助 {#sponsor} 如果您觉得 EasyTier 对您有所帮助,欢迎赞助我们。 软件的开发和维护需要大量的时间和精力,您的赞助将帮助我们更好地维护和改进 EasyTier。 -
- 微信 - 支付宝 +
+
+ 微信 +
+
+ 支付宝 +
diff --git a/metadata.data.ts b/metadata.data.ts index d057f1f..edbb5c3 100644 --- a/metadata.data.ts +++ b/metadata.data.ts @@ -1,7 +1,7 @@ export default { load() { return { - easytier_latest_version: '2.3.1', + easytier_latest_version: '2.3.2', github_accels: [ 'https://ghfast.top/', ], diff --git a/package.json b/package.json index 89f8da4..a1657ec 100644 --- a/package.json +++ b/package.json @@ -19,8 +19,8 @@ "eslint": "9.29.0", "eslint-plugin-format": "1.0.1", "markdown-it-task-lists": "2.1.1", - "mermaid": "11.4.1", - "vitepress": "1.5.0", + "mermaid": "11.7.0", + "vitepress": "1.6.3", "vitepress-plugin-mermaid": "2.0.17" } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index e408109..100bd0d 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -28,14 +28,14 @@ importers: specifier: 2.1.1 version: 2.1.1 mermaid: - specifier: 11.4.1 - version: 11.4.1 + specifier: 11.7.0 + version: 11.7.0 vitepress: - specifier: 1.5.0 - version: 1.5.0(@algolia/client-search@5.19.0)(@types/node@22.10.7)(postcss@8.5.1)(search-insights@2.17.3)(typescript@5.7.3) + specifier: 1.6.3 + version: 1.6.3(@algolia/client-search@5.19.0)(@types/node@22.10.7)(postcss@8.5.1)(search-insights@2.17.3)(typescript@5.7.3) vitepress-plugin-mermaid: specifier: 2.0.17 - version: 2.0.17(mermaid@11.4.1)(vitepress@1.5.0(@algolia/client-search@5.19.0)(@types/node@22.10.7)(postcss@8.5.1)(search-insights@2.17.3)(typescript@5.7.3)) + version: 2.0.17(mermaid@11.7.0)(vitepress@1.6.3(@algolia/client-search@5.19.0)(@types/node@22.10.7)(postcss@8.5.1)(search-insights@2.17.3)(typescript@5.7.3)) .vitepress/third_party/lumen/src: dependencies: @@ -668,6 +668,9 @@ packages: '@iconify-json/simple-icons@1.2.20': resolution: {integrity: sha512-WlQ95zrdxxizrFt2HtkfYjyWatLfE8Z7BKOkew9quG5S5AKYVxF1PkTtOs8LDWShce1DpvxKWQne4W5DQyEGZg==} + '@iconify-json/simple-icons@1.2.39': + resolution: {integrity: sha512-XlhW73c4dHvUrwWckVY76HDjnaZ2fWKD6hNZtd5kuv23GC0g3Lu0MXnYscpkIYOeiXO+Gtlw8FM53J7C84mCtA==} + '@iconify/types@2.0.0': resolution: {integrity: sha512-+wluvCrRhXrhyOmRDJ3q8mux9JkKy5SJ/v8ol2tu4FVjyYvtEzkc/3pK15ET6RKg4b4w4BmTk1+gsCUhf21Ykg==} @@ -685,8 +688,8 @@ packages: '@mermaid-js/mermaid-mindmap@9.3.0': resolution: {integrity: sha512-IhtYSVBBRYviH1Ehu8gk69pMDF8DSRqXBRDMWrEfHoaMruHeaP2DXA3PBnuwsMaCdPQhlUUcy/7DBLAEIXvCAw==} - '@mermaid-js/parser@0.3.0': - resolution: {integrity: sha512-HsvL6zgE5sUPGgkIDlmAWR1HTNHz2Iy11BAWPTa4Jjabkpguy4Ze2gzfLrg6pdRuBvFwgUYyxiaNqZwrEEXepA==} + '@mermaid-js/parser@0.5.0': + resolution: {integrity: sha512-AiaN7+VjXC+3BYE+GwNezkpjIcCI2qIMB/K4S2/vMWe0q/XJCBbx5+K7iteuz7VyltX9iAK4FmVTvGc9kjOV4w==} '@nodelib/fs.scandir@2.1.5': resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} @@ -802,27 +805,51 @@ packages: '@shikijs/core@1.27.2': resolution: {integrity: sha512-ns1dokDr0KE1lQ9mWd4rqaBkhSApk0qGCK1+lOqwnkQSkVZ08UGqXj1Ef8dAcTMZNFkN6PSNjkL5TYNX7pyPbQ==} + '@shikijs/core@2.5.0': + resolution: {integrity: sha512-uu/8RExTKtavlpH7XqnVYBrfBkUc20ngXiX9NSrBhOVZYv/7XQRKUyhtkeflY5QsxC0GbJThCerruZfsUaSldg==} + '@shikijs/engine-javascript@1.27.2': resolution: {integrity: sha512-0JB7U5vJc16NShBdxv9hSSJYSKX79+32O7F4oXIxJLdYfomyFvx4B982ackUI9ftO9T3WwagkiiD3nOxOOLiGA==} + '@shikijs/engine-javascript@2.5.0': + resolution: {integrity: sha512-VjnOpnQf8WuCEZtNUdjjwGUbtAVKuZkVQ/5cHy/tojVVRIRtlWMYVjyWhxOmIq05AlSOv72z7hRNRGVBgQOl0w==} + '@shikijs/engine-oniguruma@1.27.2': resolution: {integrity: sha512-FZYKD1KN7srvpkz4lbGLOYWlyDU4Rd+2RtuKfABTkafAPOFr+J6umfIwY/TzOQqfNtWjL7SAwPAO0dcOraRLaQ==} + '@shikijs/engine-oniguruma@2.5.0': + resolution: {integrity: sha512-pGd1wRATzbo/uatrCIILlAdFVKdxImWJGQ5rFiB5VZi2ve5xj3Ax9jny8QvkaV93btQEwR/rSz5ERFpC5mKNIw==} + '@shikijs/langs@1.27.2': resolution: {integrity: sha512-MSrknKL0DbeXvhtSigMLIzjPOOQfvK7fsbcRv2NUUB0EvuTTomY8/U+lAkczYrXY2+dygKOapJKk8ScFYbtoNw==} + '@shikijs/langs@2.5.0': + resolution: {integrity: sha512-Qfrrt5OsNH5R+5tJ/3uYBBZv3SuGmnRPejV9IlIbFH3HTGLDlkqgHymAlzklVmKBjAaVmkPkyikAV/sQ1wSL+w==} + '@shikijs/themes@1.27.2': resolution: {integrity: sha512-Yw/uV7EijjWavIIZLoWneTAohcbBqEKj6XMX1bfMqO3llqTKsyXukPp1evf8qPqzUHY7ibauqEaQchhfi857mg==} + '@shikijs/themes@2.5.0': + resolution: {integrity: sha512-wGrk+R8tJnO0VMzmUExHR+QdSaPUl/NKs+a4cQQRWyoc3YFbUzuLEi/KWK1hj+8BfHRKm2jNhhJck1dfstJpiw==} + '@shikijs/transformers@1.27.2': resolution: {integrity: sha512-BJFeXP9/zlYidJocv2ShkOvXI22fepS2oK/vItfCbCcuJ0783eWgEn6/mMrXmk+p+Twu49ntDVQe665uy6RPWw==} + '@shikijs/transformers@2.5.0': + resolution: {integrity: sha512-SI494W5X60CaUwgi8u4q4m4s3YAFSxln3tzNjOSYqq54wlVgz0/NbbXEb3mdLbqMBztcmS7bVTaEd2w0qMmfeg==} + '@shikijs/types@1.27.2': resolution: {integrity: sha512-DM9OWUyjmdYdnKDpaGB/GEn9XkToyK1tqxuqbmc5PV+5K8WjjwfygL3+cIvbkSw2v1ySwHDgqATq/+98pJ4Kyg==} + '@shikijs/types@2.5.0': + resolution: {integrity: sha512-ygl5yhxki9ZLNuNpPitBWvcy9fsSKKaRuO4BAlMyagszQidxcpLAr0qiW/q43DtSIDxO6hEbtYLiFZNXO/hdGw==} + '@shikijs/vscode-textmate@10.0.1': resolution: {integrity: sha512-fTIQwLF+Qhuws31iw7Ncl1R3HUDtGwIipiJ9iU+UsDUwMhegFcQKQHd51nZjb7CArq0MvON8rbgCGQYWHUKAdg==} + '@shikijs/vscode-textmate@10.0.2': + resolution: {integrity: sha512-83yeghZ2xxin3Nj8z1NMd/NCuca+gsYXswywDy5bHvwlWL8tpTQmzGeUuHd9FC3E/SBEMvzJRwWEOz5gGes9Qg==} + '@stylistic/eslint-plugin@2.13.0': resolution: {integrity: sha512-RnO1SaiCFHn666wNz2QfZEFxvmiNRqhzaMXHXxXXKt+MEP7aajlPxUSMIQpKAaJfverpovEYqjBOXDq6dDcaOQ==} engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} @@ -976,6 +1003,9 @@ packages: '@types/web-bluetooth@0.0.20': resolution: {integrity: sha512-g9gZnnXVq7gM7v3tJCWV/qw7w+KeOlSHAhgF9RytFyifW6AF61hdT2ucrYhPq9hLs5JIryeupHV3qGk95dH9ow==} + '@types/web-bluetooth@0.0.21': + resolution: {integrity: sha512-oIQLCGWtcFZy2JW77j9k8nHzAOpqMHLQejDA48XXMWH6tjCQHz5RCFz1bzsmROyL6PUm+LLnUiI4BCn221inxA==} + '@typescript-eslint/eslint-plugin@8.20.0': resolution: {integrity: sha512-naduuphVw5StFfqp4Gq4WhIBE2gN1GEmMUExpJYknZJdRnc+2gDzB8Z3+5+/Kv33hPQRDGzQO/0opHE72lZZ6A==} engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} @@ -1087,6 +1117,9 @@ packages: '@vueuse/core@11.3.0': resolution: {integrity: sha512-7OC4Rl1f9G8IT6rUfi9JrKiXy4bfmHhZ5x2Ceojy0jnd3mHNEvV4JaRygH362ror6/NZ+Nl+n13LPzGiPN8cKA==} + '@vueuse/core@12.8.2': + resolution: {integrity: sha512-HbvCmZdzAu3VGi/pWYm5Ut+Kd9mn1ZHnn4L5G8kOQTPs/IwIAmJoBrmYk2ckLArgMXZj0AW3n5CAejLUO+PhdQ==} + '@vueuse/integrations@11.3.0': resolution: {integrity: sha512-5fzRl0apQWrDezmobchoiGTkGw238VWESxZHazfhP3RM7pDSiyXy18QbfYkILoYNTd23HPAfQTJpkUc5QbkwTw==} peerDependencies: @@ -1128,12 +1161,59 @@ packages: universal-cookie: optional: true + '@vueuse/integrations@12.8.2': + resolution: {integrity: sha512-fbGYivgK5uBTRt7p5F3zy6VrETlV9RtZjBqd1/HxGdjdckBgBM4ugP8LHpjolqTj14TXTxSK1ZfgPbHYyGuH7g==} + peerDependencies: + async-validator: ^4 + axios: ^1 + change-case: ^5 + drauu: ^0.4 + focus-trap: ^7 + fuse.js: ^7 + idb-keyval: ^6 + jwt-decode: ^4 + nprogress: ^0.2 + qrcode: ^1.5 + sortablejs: ^1 + universal-cookie: ^7 + peerDependenciesMeta: + async-validator: + optional: true + axios: + optional: true + change-case: + optional: true + drauu: + optional: true + focus-trap: + optional: true + fuse.js: + optional: true + idb-keyval: + optional: true + jwt-decode: + optional: true + nprogress: + optional: true + qrcode: + optional: true + sortablejs: + optional: true + universal-cookie: + optional: true + '@vueuse/metadata@11.3.0': resolution: {integrity: sha512-pwDnDspTqtTo2HwfLw4Rp6yywuuBdYnPYDq+mO38ZYKGebCUQC/nVj/PXSiK9HX5otxLz8Fn7ECPbjiRz2CC3g==} + '@vueuse/metadata@12.8.2': + resolution: {integrity: sha512-rAyLGEuoBJ/Il5AmFHiziCPdQzRt88VxR+Y/A/QhJ1EWtWqPBBAxTAFaSkviwEuOEZNtW8pvkPgoCZQ+HxqW1A==} + '@vueuse/shared@11.3.0': resolution: {integrity: sha512-P8gSSWQeucH5821ek2mn/ciCk+MS/zoRKqdQIM3bHq6p7GXDAJLmnRRKmF5F65sAVJIfzQlwR3aDzwCn10s8hA==} + '@vueuse/shared@12.8.2': + resolution: {integrity: sha512-dznP38YzxZoNloI0qpEfpkms8knDtaoQ6Y/sfS0L7Yki4zh40LFHEhur0odJC6xTHG5dxWVPiUWBXn+wCG2s5w==} + acorn-jsx@5.3.2: resolution: {integrity: sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==} peerDependencies: @@ -1529,8 +1609,8 @@ packages: resolution: {integrity: sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==} engines: {node: '>=6.0.0'} - dompurify@3.2.3: - resolution: {integrity: sha512-U1U5Hzc2MO0oW3DF+G9qYN0aT7atAou4AgI0XjWz061nyBPbdxkfdhfy5uMgGn6+oLFCfn44ZGbdDqCzVmlOWA==} + dompurify@3.2.6: + resolution: {integrity: sha512-/2GogDQlohXPZe6D6NOgQvXLPSYBqIWMnZ8zzOhn09REE4eyAzb+Hed3jhoM9OkuaJ8P6ZGTTVWQKAi8ieIzfQ==} dotenv@16.4.7: resolution: {integrity: sha512-47qPchRCykZC03FhkYAhrvwU4xDBFIj1QPqaarj6mdM/hgUzfPHcpkHJOn3mJAufFeeAxAzeGsr5X0M4k6fLZQ==} @@ -2057,8 +2137,8 @@ packages: kolorist@1.8.0: resolution: {integrity: sha512-Y+60/zizpJ3HRH8DCss+q95yr6145JXZo46OTpFvDZWLfRCE4qChOyk1b26nMaNpfHHgxagk9dXT5OP0Tfe+dQ==} - langium@3.0.0: - resolution: {integrity: sha512-+Ez9EoiByeoTu/2BXmEaZ06iPNXM6thWJp02KfBO/raSMyCJ4jw7AkWWa+zBCTm0+Tw1Fj9FOxdqSskyN5nAwg==} + langium@3.3.1: + resolution: {integrity: sha512-QJv/h939gDpvT+9SiLVlY7tZC3xB2qK57v0J04Sh9wpMb6MP1q8gB21L3WIo8T5P1MSMg3Ep14L7KkDCFG3y4w==} engines: {node: '>=16.0.0'} layout-base@1.0.2: @@ -2114,8 +2194,8 @@ packages: markdown-table@3.0.4: resolution: {integrity: sha512-wiYz4+JrLyb/DqW2hkFJxP7Vd7JuTDm77fvbM8VfEQdmSMqcImWeeRbHwZjBjIFki/VaMK2BhFi7oUUZeM5bqw==} - marked@13.0.3: - resolution: {integrity: sha512-rqRix3/TWzE9rIoFGIn8JmsVfhiuC8VIQ8IdX5TfzmeBucdY05/0UlzKaw0eVtpcN/OdVFpBk7CjKGo9iHJ/zA==} + marked@15.0.12: + resolution: {integrity: sha512-8dD6FusOQSrpv9Z1rdNMdlSgQOIP880DHqnohobOmYLElGEqAL/JvxvuxZO16r4HtjTlfPRDC1hbvxC9dPN2nA==} engines: {node: '>= 18'} hasBin: true @@ -2162,8 +2242,8 @@ packages: resolution: {integrity: sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==} engines: {node: '>= 8'} - mermaid@11.4.1: - resolution: {integrity: sha512-Mb01JT/x6CKDWaxigwfZYuYmDZ6xtrNwNlidKZwkSrDaY9n90tdrJTV5Umk+wP1fZscGptmKFXHsXMDEVZ+Q6A==} + mermaid@11.7.0: + resolution: {integrity: sha512-/1/5R0rt0Z1Ak0CuznAnCF3HtQgayRXUz6SguzOwN4L+DuCobz0UxnQ+ZdTSZ3AugKVVh78tiVmsHpHWV25TCw==} micromark-core-commonmark@2.0.2: resolution: {integrity: sha512-FKjQKbxd1cibWMM1P9N+H8TwlgGgSkWZMmfuVucLCHaYqeSvJ0hFeHsIa65pA2nYbes0f8LDHPMrd9X7Ujxg9w==} @@ -2343,6 +2423,9 @@ packages: oniguruma-to-es@2.1.0: resolution: {integrity: sha512-Iq/949c5IueVC5gQR7OYXs0uHsDIePcgZFlVRIVGfQcWwbKG+nsyWfthswdytShlRdkZADY+bWSi+BRyUL81gA==} + oniguruma-to-es@3.1.1: + resolution: {integrity: sha512-bUH8SDvPkH3ho3dvwJwfonjlQ4R80vjyvrU8YpxuROddv55vAEJrTuCuCVUhhsHbtlD9tGGbaNApGQckXhS8iQ==} + optionator@0.9.4: resolution: {integrity: sha512-6IpQ7mKUxRcZNLIObR0hz7lxsapSSIYNZJwXPGeF0mTVqGKFIXj1DQcMoT22S3ROcLyY/rz0PWaWZ9ayWmad9g==} engines: {node: '>= 0.8.0'} @@ -2497,12 +2580,18 @@ packages: regex-recursion@5.1.1: resolution: {integrity: sha512-ae7SBCbzVNrIjgSbh7wMznPcQel1DNlDtzensnFxpiNpXt1U2ju/bHugH422r+4LAVS1FpW1YCwilmnNsjum9w==} + regex-recursion@6.0.2: + resolution: {integrity: sha512-0YCaSCq2VRIebiaUviZNs0cBz1kg5kVS2UKUfNIx8YVs1cN3AV7NTctO5FOKBA+UT2BPJIWZauYHPqJODG50cg==} + regex-utilities@2.3.0: resolution: {integrity: sha512-8VhliFJAWRaUiVvREIiW2NXXTmHs4vMNnSzuJVhscgmGav3g9VDxLrQndI3dZZVVdp0ZO/5v0xmX516/7M9cng==} regex@5.1.1: resolution: {integrity: sha512-dN5I359AVGPnwzJm2jN1k0W9LPZ+ePvoOeVMMfqIMFz53sSwXkxaJoxr50ptnsC771lK95BnTrVSZxq0b9yCGw==} + regex@6.0.1: + resolution: {integrity: sha512-uorlqlzAKjKQZ5P+kTJr3eeJGSVroLKoHmquUj4zHWuR+hEyNqlXsSKlYYF5F4NI6nl7tWCs0apKJ0lmfsXAPA==} + regexp-ast-analysis@0.7.1: resolution: {integrity: sha512-sZuz1dYW/ZsfG17WSAG7eS85r5a0dDsvg+7BiiYR5o6lKCAtUrEwdmRmaGF6rwVj3LcmAeYkOWKEPlbPzN3Y3A==} engines: {node: ^12.0.0 || ^14.0.0 || >=16.0.0} @@ -2585,6 +2674,9 @@ packages: shiki@1.27.2: resolution: {integrity: sha512-QtA1C41oEVixKog+V8I3ia7jjGls7oCZ8Yul8vdHrVBga5uPoyTtMvFF4lMMXIyAZo5A5QbXq91bot2vA6Q+eQ==} + shiki@2.5.0: + resolution: {integrity: sha512-mI//trrsaiCIPsja5CNfsyNOqgAZUb6VpJA+340toL42UpzQlXpwRV9nch69X6gaUxrr9kaOOa6e3y3uAkGFxQ==} + signal-exit@4.1.0: resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==} engines: {node: '>=14'} @@ -2647,8 +2739,8 @@ packages: resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==} engines: {node: '>=8'} - stylis@4.3.5: - resolution: {integrity: sha512-K7npNOKGRYuhAFFzkzMGfxFDpN6gDwf8hcMiE+uveTVbBgm93HrNP3ZDUpKqzZ4pG7TP6fmb+EMAQPjq9FqqvA==} + stylis@4.3.6: + resolution: {integrity: sha512-yQ3rwFWRfwNUY7H5vpU0wfdkNSnvnJinhF9830Swlaxl03zsOjCfmX0ugac+3LtK0lYSgwL/KXc8oYL3mG4YFQ==} superjson@2.2.2: resolution: {integrity: sha512-5JRxVqC8I8NuOUjzBbvVJAKNM8qoVuH0O77h4WInc/qC2q5IreqKxYwgkga3PfA22OayK2ikceb/B26dztPl+Q==} @@ -2769,8 +2861,8 @@ packages: util-deprecate@1.0.2: resolution: {integrity: sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==} - uuid@9.0.1: - resolution: {integrity: sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==} + uuid@11.1.0: + resolution: {integrity: sha512-0/A9rDy9P7cJ+8w1c9WD9V//9Wj15Ce2MPz8Ri6032usz+NfePxx5AcN3bN+r6ZL6jEo066/yNYB3tn4pQEx+A==} hasBin: true validate-npm-package-license@3.0.4: @@ -2813,6 +2905,37 @@ packages: terser: optional: true + vite@5.4.19: + resolution: {integrity: sha512-qO3aKv3HoQC8QKiNSTuUM1l9o/XX3+c+VTgLHbJWHZGeTPVAg2XwazI9UWzoxjIJCGCV2zU60uqMzjeLZuULqA==} + engines: {node: ^18.0.0 || >=20.0.0} + hasBin: true + peerDependencies: + '@types/node': ^18.0.0 || >=20.0.0 + less: '*' + lightningcss: ^1.21.0 + sass: '*' + sass-embedded: '*' + stylus: '*' + sugarss: '*' + terser: ^5.4.0 + peerDependenciesMeta: + '@types/node': + optional: true + less: + optional: true + lightningcss: + optional: true + sass: + optional: true + sass-embedded: + optional: true + stylus: + optional: true + sugarss: + optional: true + terser: + optional: true + vite@6.0.7: resolution: {integrity: sha512-RDt8r/7qx9940f8FcOIAH9PTViRrghKaK2K1jY3RaAURrEUbm9Du1mJ72G+jlhtG3WwodnfzY8ORQZbBavZEAQ==} engines: {node: ^18.0.0 || ^20.0.0 || >=22.0.0} @@ -2871,6 +2994,18 @@ packages: postcss: optional: true + vitepress@1.6.3: + resolution: {integrity: sha512-fCkfdOk8yRZT8GD9BFqusW3+GggWYZ/rYncOfmgcDtP3ualNHCAg+Robxp2/6xfH1WwPHtGpPwv7mbA3qomtBw==} + hasBin: true + peerDependencies: + markdown-it-mathjax3: ^4 + postcss: ^8 + peerDependenciesMeta: + markdown-it-mathjax3: + optional: true + postcss: + optional: true + vscode-jsonrpc@8.2.0: resolution: {integrity: sha512-C+r0eKJUIfiDIfwJhria30+TYWPtuHJXHtI7J0YlOmKAo7ogxP20T0zxB7HZQIFhIyvoBPwWskjxrvAtfjyZfA==} engines: {node: '>=14.0.0'} @@ -3465,6 +3600,10 @@ snapshots: dependencies: '@iconify/types': 2.0.0 + '@iconify-json/simple-icons@1.2.39': + dependencies: + '@iconify/types': 2.0.0 + '@iconify/types@2.0.0': {} '@iconify/utils@2.2.1': @@ -3498,9 +3637,9 @@ snapshots: non-layered-tidy-tree-layout: 2.0.2 optional: true - '@mermaid-js/parser@0.3.0': + '@mermaid-js/parser@0.5.0': dependencies: - langium: 3.0.0 + langium: 3.3.1 '@nodelib/fs.scandir@2.1.5': dependencies: @@ -3582,36 +3721,76 @@ snapshots: '@types/hast': 3.0.4 hast-util-to-html: 9.0.4 + '@shikijs/core@2.5.0': + dependencies: + '@shikijs/engine-javascript': 2.5.0 + '@shikijs/engine-oniguruma': 2.5.0 + '@shikijs/types': 2.5.0 + '@shikijs/vscode-textmate': 10.0.2 + '@types/hast': 3.0.4 + hast-util-to-html: 9.0.4 + '@shikijs/engine-javascript@1.27.2': dependencies: '@shikijs/types': 1.27.2 '@shikijs/vscode-textmate': 10.0.1 oniguruma-to-es: 2.1.0 + '@shikijs/engine-javascript@2.5.0': + dependencies: + '@shikijs/types': 2.5.0 + '@shikijs/vscode-textmate': 10.0.2 + oniguruma-to-es: 3.1.1 + '@shikijs/engine-oniguruma@1.27.2': dependencies: '@shikijs/types': 1.27.2 '@shikijs/vscode-textmate': 10.0.1 + '@shikijs/engine-oniguruma@2.5.0': + dependencies: + '@shikijs/types': 2.5.0 + '@shikijs/vscode-textmate': 10.0.2 + '@shikijs/langs@1.27.2': dependencies: '@shikijs/types': 1.27.2 + '@shikijs/langs@2.5.0': + dependencies: + '@shikijs/types': 2.5.0 + '@shikijs/themes@1.27.2': dependencies: '@shikijs/types': 1.27.2 + '@shikijs/themes@2.5.0': + dependencies: + '@shikijs/types': 2.5.0 + '@shikijs/transformers@1.27.2': dependencies: shiki: 1.27.2 + '@shikijs/transformers@2.5.0': + dependencies: + '@shikijs/core': 2.5.0 + '@shikijs/types': 2.5.0 + '@shikijs/types@1.27.2': dependencies: '@shikijs/vscode-textmate': 10.0.1 '@types/hast': 3.0.4 + '@shikijs/types@2.5.0': + dependencies: + '@shikijs/vscode-textmate': 10.0.2 + '@types/hast': 3.0.4 + '@shikijs/vscode-textmate@10.0.1': {} + '@shikijs/vscode-textmate@10.0.2': {} + '@stylistic/eslint-plugin@2.13.0(eslint@9.29.0(jiti@2.4.2))(typescript@5.7.3)': dependencies: '@typescript-eslint/utils': 8.20.0(eslint@9.29.0(jiti@2.4.2))(typescript@5.7.3) @@ -3792,6 +3971,8 @@ snapshots: '@types/web-bluetooth@0.0.20': {} + '@types/web-bluetooth@0.0.21': {} + '@typescript-eslint/eslint-plugin@8.20.0(@typescript-eslint/parser@8.20.0(eslint@9.29.0(jiti@2.4.2))(typescript@5.7.3))(eslint@9.29.0(jiti@2.4.2))(typescript@5.7.3)': dependencies: '@eslint-community/regexpp': 4.12.1 @@ -3876,6 +4057,11 @@ snapshots: vite: 5.4.11(@types/node@22.10.7) vue: 3.5.13(typescript@5.7.3) + '@vitejs/plugin-vue@5.2.1(vite@5.4.19(@types/node@22.10.7))(vue@3.5.13(typescript@5.7.3))': + dependencies: + vite: 5.4.19(@types/node@22.10.7) + vue: 3.5.13(typescript@5.7.3) + '@vitest/eslint-plugin@1.1.25(@typescript-eslint/utils@8.20.0(eslint@9.29.0(jiti@2.4.2))(typescript@5.7.3))(eslint@9.29.0(jiti@2.4.2))(typescript@5.7.3)': dependencies: '@typescript-eslint/utils': 8.20.0(eslint@9.29.0(jiti@2.4.2))(typescript@5.7.3) @@ -3965,6 +4151,15 @@ snapshots: - '@vue/composition-api' - vue + '@vueuse/core@12.8.2(typescript@5.7.3)': + dependencies: + '@types/web-bluetooth': 0.0.21 + '@vueuse/metadata': 12.8.2 + '@vueuse/shared': 12.8.2(typescript@5.7.3) + vue: 3.5.13(typescript@5.7.3) + transitivePeerDependencies: + - typescript + '@vueuse/integrations@11.3.0(focus-trap@7.6.4)(vue@3.5.13(typescript@5.7.3))': dependencies: '@vueuse/core': 11.3.0(vue@3.5.13(typescript@5.7.3)) @@ -3976,8 +4171,20 @@ snapshots: - '@vue/composition-api' - vue + '@vueuse/integrations@12.8.2(focus-trap@7.6.4)(typescript@5.7.3)': + dependencies: + '@vueuse/core': 12.8.2(typescript@5.7.3) + '@vueuse/shared': 12.8.2(typescript@5.7.3) + vue: 3.5.13(typescript@5.7.3) + optionalDependencies: + focus-trap: 7.6.4 + transitivePeerDependencies: + - typescript + '@vueuse/metadata@11.3.0': {} + '@vueuse/metadata@12.8.2': {} + '@vueuse/shared@11.3.0(vue@3.5.13(typescript@5.7.3))': dependencies: vue-demi: 0.14.10(vue@3.5.13(typescript@5.7.3)) @@ -3985,6 +4192,12 @@ snapshots: - '@vue/composition-api' - vue + '@vueuse/shared@12.8.2(typescript@5.7.3)': + dependencies: + vue: 3.5.13(typescript@5.7.3) + transitivePeerDependencies: + - typescript + acorn-jsx@5.3.2(acorn@8.15.0): dependencies: acorn: 8.15.0 @@ -4403,7 +4616,7 @@ snapshots: dependencies: esutils: 2.0.3 - dompurify@3.2.3: + dompurify@3.2.6: optionalDependencies: '@types/trusted-types': 2.0.7 @@ -5040,7 +5253,7 @@ snapshots: kolorist@1.8.0: {} - langium@3.0.0: + langium@3.3.1: dependencies: chevrotain: 11.0.3 chevrotain-allstar: 0.3.1(chevrotain@11.0.3) @@ -5095,7 +5308,7 @@ snapshots: markdown-table@3.0.4: {} - marked@13.0.3: {} + marked@15.0.12: {} mdast-util-find-and-replace@3.0.2: dependencies: @@ -5215,11 +5428,11 @@ snapshots: merge2@1.4.1: {} - mermaid@11.4.1: + mermaid@11.7.0: dependencies: '@braintree/sanitize-url': 7.1.1 '@iconify/utils': 2.2.1 - '@mermaid-js/parser': 0.3.0 + '@mermaid-js/parser': 0.5.0 '@types/d3': 7.4.3 cytoscape: 3.31.0 cytoscape-cose-bilkent: 4.1.0(cytoscape@3.31.0) @@ -5228,15 +5441,15 @@ snapshots: d3-sankey: 0.12.3 dagre-d3-es: 7.0.11 dayjs: 1.11.13 - dompurify: 3.2.3 + dompurify: 3.2.6 katex: 0.16.21 khroma: 2.1.0 lodash-es: 4.17.21 - marked: 13.0.3 + marked: 15.0.12 roughjs: 4.6.6 - stylis: 4.3.5 + stylis: 4.3.6 ts-dedent: 2.2.0 - uuid: 9.0.1 + uuid: 11.1.0 transitivePeerDependencies: - supports-color @@ -5523,6 +5736,12 @@ snapshots: regex: 5.1.1 regex-recursion: 5.1.1 + oniguruma-to-es@3.1.1: + dependencies: + emoji-regex-xs: 1.0.0 + regex: 6.0.1 + regex-recursion: 6.0.2 + optionator@0.9.4: dependencies: deep-is: 0.1.4 @@ -5668,12 +5887,20 @@ snapshots: regex: 5.1.1 regex-utilities: 2.3.0 + regex-recursion@6.0.2: + dependencies: + regex-utilities: 2.3.0 + regex-utilities@2.3.0: {} regex@5.1.1: dependencies: regex-utilities: 2.3.0 + regex@6.0.1: + dependencies: + regex-utilities: 2.3.0 + regexp-ast-analysis@0.7.1: dependencies: '@eslint-community/regexpp': 4.12.1 @@ -5772,6 +5999,17 @@ snapshots: '@shikijs/vscode-textmate': 10.0.1 '@types/hast': 3.0.4 + shiki@2.5.0: + dependencies: + '@shikijs/core': 2.5.0 + '@shikijs/engine-javascript': 2.5.0 + '@shikijs/engine-oniguruma': 2.5.0 + '@shikijs/langs': 2.5.0 + '@shikijs/themes': 2.5.0 + '@shikijs/types': 2.5.0 + '@shikijs/vscode-textmate': 10.0.2 + '@types/hast': 3.0.4 + signal-exit@4.1.0: {} sisteransi@1.0.5: {} @@ -5828,7 +6066,7 @@ snapshots: strip-json-comments@3.1.1: {} - stylis@4.3.5: {} + stylis@4.3.6: {} superjson@2.2.2: dependencies: @@ -5940,7 +6178,7 @@ snapshots: util-deprecate@1.0.2: {} - uuid@9.0.1: {} + uuid@11.1.0: {} validate-npm-package-license@3.0.4: dependencies: @@ -5966,6 +6204,15 @@ snapshots: '@types/node': 22.10.7 fsevents: 2.3.3 + vite@5.4.19(@types/node@22.10.7): + dependencies: + esbuild: 0.21.5 + postcss: 8.5.1 + rollup: 4.31.0 + optionalDependencies: + '@types/node': 22.10.7 + fsevents: 2.3.3 + vite@6.0.7(@types/node@22.10.7)(jiti@2.4.2)(yaml@2.7.0): dependencies: esbuild: 0.24.2 @@ -5977,10 +6224,10 @@ snapshots: jiti: 2.4.2 yaml: 2.7.0 - vitepress-plugin-mermaid@2.0.17(mermaid@11.4.1)(vitepress@1.5.0(@algolia/client-search@5.19.0)(@types/node@22.10.7)(postcss@8.5.1)(search-insights@2.17.3)(typescript@5.7.3)): + vitepress-plugin-mermaid@2.0.17(mermaid@11.7.0)(vitepress@1.6.3(@algolia/client-search@5.19.0)(@types/node@22.10.7)(postcss@8.5.1)(search-insights@2.17.3)(typescript@5.7.3)): dependencies: - mermaid: 11.4.1 - vitepress: 1.5.0(@algolia/client-search@5.19.0)(@types/node@22.10.7)(postcss@8.5.1)(search-insights@2.17.3)(typescript@5.7.3) + mermaid: 11.7.0 + vitepress: 1.6.3(@algolia/client-search@5.19.0)(@types/node@22.10.7)(postcss@8.5.1)(search-insights@2.17.3)(typescript@5.7.3) optionalDependencies: '@mermaid-js/mermaid-mindmap': 9.3.0 @@ -6034,6 +6281,55 @@ snapshots: - typescript - universal-cookie + vitepress@1.6.3(@algolia/client-search@5.19.0)(@types/node@22.10.7)(postcss@8.5.1)(search-insights@2.17.3)(typescript@5.7.3): + dependencies: + '@docsearch/css': 3.8.2 + '@docsearch/js': 3.8.2(@algolia/client-search@5.19.0)(search-insights@2.17.3) + '@iconify-json/simple-icons': 1.2.39 + '@shikijs/core': 2.5.0 + '@shikijs/transformers': 2.5.0 + '@shikijs/types': 2.5.0 + '@types/markdown-it': 14.1.2 + '@vitejs/plugin-vue': 5.2.1(vite@5.4.19(@types/node@22.10.7))(vue@3.5.13(typescript@5.7.3)) + '@vue/devtools-api': 7.7.0 + '@vue/shared': 3.5.13 + '@vueuse/core': 12.8.2(typescript@5.7.3) + '@vueuse/integrations': 12.8.2(focus-trap@7.6.4)(typescript@5.7.3) + focus-trap: 7.6.4 + mark.js: 8.11.1 + minisearch: 7.1.1 + shiki: 2.5.0 + vite: 5.4.19(@types/node@22.10.7) + vue: 3.5.13(typescript@5.7.3) + optionalDependencies: + postcss: 8.5.1 + transitivePeerDependencies: + - '@algolia/client-search' + - '@types/node' + - '@types/react' + - async-validator + - axios + - change-case + - drauu + - fuse.js + - idb-keyval + - jwt-decode + - less + - lightningcss + - nprogress + - qrcode + - react + - react-dom + - sass + - sass-embedded + - search-insights + - sortablejs + - stylus + - sugarss + - terser + - typescript + - universal-cookie + vscode-jsonrpc@8.2.0: {} vscode-languageserver-protocol@3.17.5: diff --git a/public/easytier.png b/public/easytier.png index 13bab39..26c6d8f 100644 Binary files a/public/easytier.png and b/public/easytier.png differ diff --git a/public/gui-config-dark.png b/public/gui-config-dark.png index 44c6165..64a28fe 100644 Binary files a/public/gui-config-dark.png and b/public/gui-config-dark.png differ diff --git a/public/gui-config-light.png b/public/gui-config-light.png index e461cdd..cb7ed3d 100644 Binary files a/public/gui-config-light.png and b/public/gui-config-light.png differ